Offline signature verification subcommand

[henrywang8atfbdotcom]

Are there any plans to extend the CLI with a subcommand that verifies a pre-obtained SignatureResponse (either input as JSON or its constituents). Such that the flow would be completely offline.

cli verify \
--version 1 \
--namespace ns \
--epoch 1 \
--digest abc \
--signature bcd \ 

[thibmeu]

this would be a good addition. I think the cli should rather be consuming the signature from stdin or a path, allowing chaining with curl for instance, or a json output should this be done at some point.

curl 'https://plexi.key-transparency.cloudflare.com/namespaces/{namespace}/audits/{epoch}' | plexi verify --publickey '<hex>'

[henrywang8atfbdotcom]

That would be great! Right, stdin or json input file would be more practical than passing in the constituents.

[henrywang8atfbdotcom]

Do you think we can get this feature in the next version upgrade, whenever that is? Just wanted to avoid keeping internal patches.