diff --git a/plugin/plugin.go b/plugin/plugin.go
index d7ab7dfb..c45ee86f 100644
--- a/plugin/plugin.go
+++ b/plugin/plugin.go
@@ -185,18 +185,18 @@ type VerifySignatureRequest struct {
 // Signature represents a signature pulled from the envelope
 type Signature struct {
 CriticalAttributes CriticalAttributes `json:"criticalAttributes"`
- UnprocessedAttributes []interface{} `json:"unprocessedAttributes"`
+ UnprocessedAttributes []string `json:"unprocessedAttributes"`
 CertificateChain [][]byte `json:"certificateChain"`
 }
 
 // CriticalAttributes contains all Notary V2 defined critical
 // attributes and their values in the signature envelope
 type CriticalAttributes struct {
- ContentType string `json:"contentType"`
- SigningScheme string `json:"signingScheme"`
- Expiry *time.Time `json:"expiry,omitempty"`
- AuthenticSigningTime *time.Time `json:"authenticSigningTime,omitempty"`
- ExtendedAttributes map[interface{}]interface{} `json:"extendedAttributes,omitempty"`
+ ContentType string `json:"contentType"`
+ SigningScheme string `json:"signingScheme"`
+ Expiry *time.Time `json:"expiry,omitempty"`
+ AuthenticSigningTime *time.Time `json:"authenticSigningTime,omitempty"`
+ ExtendedAttributes map[string]interface{} `json:"extendedAttributes,omitempty"`
 }
 
 // TrustPolicy represents trusted identities that sign the artifacts
diff --git a/verification/verifier_helpers.go b/verification/verifier_helpers.go
index 90b8e2fd..a9a1415d 100644
--- a/verification/verifier_helpers.go
+++ b/verification/verifier_helpers.go
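Review bot: The two retyped fields, `UnprocessedAttributes` and `ExtendedAttributes`, carry no comment saying that attribute keys are now restricted to strings. These structs are serialized through the `json` tags shown and appear to form the request sent to a verification plugin, so the restriction is part of the plugin contract and should be written down. A field comment such as `// ExtendedAttributes holds critical extended attributes keyed by string name; non-string keys (for example integer COSE labels) cannot be represented here.` would do, with a matching line on `UnprocessedAttributes`.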
@@ -253,12 +253,12 @@ func (v *Verifier) executePlugin(ctx context.Context, trustPolicy *TrustPolicy,
 if err != nil {
 return nil, err
 }
- var attributesToProcess []interface{}
- extendedAttributes := make(map[interface{}]interface{})
+ var attributesToProcess []string
+ extendedAttributes := make(map[string]interface{})
 
 for _, attr := range getNonPluginExtendedCriticalAttributes(signerInfo) {
- extendedAttributes[attr.Key] = attr.Value
- attributesToProcess = append(attributesToProcess, attr.Key)
+ extendedAttributes[attr.Key.(string)] = attr.Value
+ attributesToProcess = append(attributesToProcess, attr.Key.(string))
 }
 
 var certChain [][]byte
@@ -316,10 +316,10 @@ func getNonPluginExtendedCriticalAttributes(signerInfo *signature.SignerInfo) []
 var criticalExtendedAttrs []signature.Attribute
 for _, attr := range signerInfo.SignedAttributes.ExtendedAttributes {
 attrStrKey, ok := attr.Key.(string)
- if ok && isPresent(attrStrKey, VerificationPluginHeaders) { // filter the plugin extended attributes
- continue
+ if ok && !isPresent(attrStrKey, VerificationPluginHeaders) { // filter the plugin extended attributes
+ // TODO support other attribute types (COSE attribute keys can be numbers)
+ criticalExtendedAttrs = append(criticalExtendedAttrs, attr)
 }
- criticalExtendedAttrs = append(criticalExtendedAttrs, attr)
 }
 return criticalExtendedAttrs
 }
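Review bot: The unchecked assertion `attr.Key.(string)`, written twice in the loop of executePlugin, panics if an attribute with a non-string key ever reaches it. It is safe only because getNonPluginExtendedCriticalAttributes, changed in the next hunk, now returns string-keyed attributes only, and nothing here records that coupling. The attributes come from a signature envelope, so a later change to the helper would turn a malformed signature into a crash of the verifier instead of a verification error. Assert once with `key, ok := attr.Key.(string)` and `if !ok { return nil, fmt.Errorf("unsupported extended attribute key type %T", attr.Key) }` (assuming `fmt` is imported in this file), then use `key` in both statements. executePlugin starts and ends outside the hunk.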
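Review bot: A critical extended attribute whose key is not a string is now silently dropped by the rewritten condition `ok && !isPresent(attrStrKey, VerificationPluginHeaders)` in getNonPluginExtendedCriticalAttributes; before this change it was appended to the result. A critical attribute is one the verifier must either process or reject, so dropping it means it is neither forwarded to the plugin nor reported as unprocessed. Verification can then succeed with an attribute nobody evaluated, unless an earlier stage not visible in this hunk already rejects such keys. Until numeric keys are supported the function should fail closed, for example by returning an error when `!ok` so that executePlugin aborts verification; this needs a second return value on the function, whose signature lies outside the hunk. The trailing comment on the `if` line is also stale now that the condition is inverted and could read `// keep string-keyed attributes that are not plugin headers`.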