diff --git a/data/types.go b/data/types.go
index 3e1806bd..eb00489b 100644
--- a/data/types.go
+++ b/data/types.go
@@ -24,9 +24,12 @@ type HashAlgorithm string
 const (
 KeyIDLength = sha256.Size * 2
- KeyTypeEd25519 KeyType = "ed25519"
- KeyTypeECDSA_SHA2_P256 KeyType = "ecdsa-sha2-nistp256"
- KeyTypeRSASSA_PSS_SHA256 KeyType = "rsa"
+ KeyTypeEd25519 KeyType = "ed25519"
+ // From version 1.0.32, the reference implementation defines 'ecdsa',
+ // not 'ecdsa-sha2-nistp256' for NIST P-256 curves.
+ KeyTypeECDSA_SHA2_P256 KeyType = "ecdsa"
+ KeyTypeECDSA_SHA2_P256_OLD_FMT KeyType = "ecdsa-sha2-nistp256"
+ KeyTypeRSASSA_PSS_SHA256 KeyType = "rsa"
 KeySchemeEd25519 KeyScheme = "ed25519"
 KeySchemeECDSA_SHA2_P256 KeyScheme = "ecdsa-sha2-nistp256"
diff --git a/pkg/keys/ecdsa.go b/pkg/keys/ecdsa.go
index ee93e330..9740d1f3 100644
--- a/pkg/keys/ecdsa.go
+++ b/pkg/keys/ecdsa.go
@@ -20,7 +20,9 @@ func init() {
 // Note: we use LoadOrStore here to prevent accidentally overriding the
 // an explicit deprecated ECDSA verifier.
 // TODO: When deprecated ECDSA is removed, this can switch back to Store.
+ VerifierMap.LoadOrStore(data.KeyTypeECDSA_SHA2_P256_OLD_FMT, NewEcdsaVerifier)
 VerifierMap.LoadOrStore(data.KeyTypeECDSA_SHA2_P256, NewEcdsaVerifier)
+ SignerMap.Store(data.KeyTypeECDSA_SHA2_P256_OLD_FMT, newEcdsaSigner)
 SignerMap.Store(data.KeyTypeECDSA_SHA2_P256, newEcdsaSigner)
 }
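Review bot: `KeyTypeECDSA_SHA2_P256_OLD_FMT` has no comment of its own, and the comment above `KeyTypeECDSA_SHA2_P256` does not say that this exported constant's value changes from "ecdsa-sha2-nistp256" to "ecdsa". Any caller that serialises or compares the constant will start emitting the new string, which consumers built before this change presumably will not map to a verifier, so the compatibility direction deserves a line in the source. I would add above the old constant `// KeyTypeECDSA_SHA2_P256_OLD_FMT is the keytype string used before the "ecdsa" rename; kept so metadata written with it is still accepted.` and name the reference implementation that version 1.0.32 refers to. The const block continues outside the hunk.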
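Review bot: Registering `NewEcdsaVerifier` under both key-type strings lets the same P-256 public key appear in metadata under two `keytype` values, and nothing in this hunk shows how that interacts with key IDs. If a key ID is a hash over the serialised key including `keytype` (not visible here), one key now has two valid IDs, so signature-threshold counting should be confirmed to deduplicate by key material rather than by ID, ideally with a test that lists one key under both types. The `SignerMap.Store` for the old format also keeps the legacy string usable for signing; if that is intended only for existing keys, a comment such as `// legacy keytype: kept for existing keys, not for newly generated ones` would say so. The LoadOrStore comment refers to a deprecated verifier registered elsewhere, and since the constant's value changed it is worth checking which string that registration now lands on. `init` begins outside the hunk.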