diff --git a/spec/conformance/Gemfile b/spec/conformance/Gemfile
index e414b4d8..ff79d3be 100644
--- a/spec/conformance/Gemfile
+++ b/spec/conformance/Gemfile
@@ -2,12 +2,13 @@
 source "https://rubygems.org"
-ruby "~> 2.7.0"
+ruby "~> 3.2.0"
 gem "byebug"
-gem "fido_metadata", "~> 0.4.0"
+gem "fido_metadata", github: 'santiagorodriguez96/fido_metadata', branch: 'sr--support-FIDO-metadata-msd3'
 gem "rack-contrib"
 gem "rubyzip"
 gem "sinatra", "~> 2.0"
 gem "sinatra-contrib"
 gem "webauthn", path: File.join("..", "..")
+gem "webrick"
diff --git a/spec/conformance/Gemfile.lock b/spec/conformance/Gemfile.lock
index 54d9982b..c650f008 100644
--- a/spec/conformance/Gemfile.lock
+++ b/spec/conformance/Gemfile.lock
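Review bot: The new `fido_metadata` line tracks a moving branch of a personal fork (`github: 'santiagorodriguez96/fido_metadata', branch: 'sr--support-FIDO-metadata-msd3'`), so what `bundle install` resolves depends on the lockfile pin and on that account and branch continuing to exist, a weaker supply-chain guarantee than the released `~> 0.4.0` it replaces. Pin the fork to the commit the lockfile already records, `gem "fido_metadata", github: 'santiagorodriguez96/fido_metadata', ref: '8280a2ac9bb83a37e9f68e20efdb40eca33ea937'`, and add a comment naming the upstream change to switch back to once MDS3 support is released. The lockfile in this same commit shows the fork reporting itself as `fido_metadata (0.3.0)`, lower than the 0.4.0 previously required, so anything the conformance server relied on from 0.4.0 should be confirmed present on that branch.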
@@ -1,79 +1,84 @@ +GIT + remote: https://github.com/santiagorodriguez96/fido_metadata.git + revision: 8280a2ac9bb83a37e9f68e20efdb40eca33ea937 + branch: sr--support-FIDO-metadata-msd3 + specs: + fido_metadata (0.3.0) + jwt (~> 2.0) + PATH remote: ../.. specs: - webauthn (2.5.1) + webauthn (3.0.0) android_key_attestation (~> 0.3.0) awrence (~> 1.1) bindata (~> 2.4) cbor (~> 0.5.9) cose (~> 1.1) - openssl (~> 2.2) + openssl (>= 2.2) safety_net_attestation (~> 0.4.0) - tpm-key_attestation (~> 0.10.0) + tpm-key_attestation (~> 0.12.0) GEM remote: https://rubygems.org/ specs: android_key_attestation (0.3.0) awrence (1.2.1) - backports (3.15.0) - bindata (2.4.10) + bindata (2.4.15) byebug (11.0.1) cbor (0.5.9.6) - cose (1.2.0) + cose (1.3.0) cbor (~> 0.5.9) openssl-signature_algorithm (~> 1.0) - fido_metadata (0.4.0) - jwt (~> 2.0) - ipaddr (1.2.4) jwt (2.2.1) multi_json (1.14.1) - mustermann (1.1.0) + mustermann (2.0.2) ruby2_keywords (~> 0.0.1) - openssl (2.2.1) - ipaddr - openssl-signature_algorithm (1.1.1) - openssl (~> 2.0) - rack (2.2.3) - rack-contrib (2.1.0) + openssl (3.2.0) + openssl-signature_algorithm (1.3.0) + openssl (> 2.0) + rack (2.2.8) + rack-contrib (2.3.0) rack (~> 2.0) - rack-protection (2.0.8.1) + rack-protection (2.2.4) rack ruby2_keywords (0.0.1) rubyzip (2.0.0) safety_net_attestation (0.4.0) jwt (~> 2.0) - sinatra (2.0.8.1) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.8.1) + sinatra (2.2.4) + mustermann (~> 2.0) + rack (~> 2.2) + rack-protection (= 2.2.4) tilt (~> 2.0) - sinatra-contrib (2.0.8.1) - backports (>= 2.8.2) + sinatra-contrib (2.2.4) multi_json - mustermann (~> 1.0) - rack-protection (= 2.0.8.1) - sinatra (= 2.0.8.1) + mustermann (~> 2.0) + rack-protection (= 2.2.4) + sinatra (= 2.2.4) tilt (~> 2.0) tilt (2.0.10) - tpm-key_attestation (0.10.0) + tpm-key_attestation (0.12.0) bindata (~> 2.4) + openssl (> 2.0) openssl-signature_algorithm (~> 1.0) + webrick (1.8.1) PLATFORMS ruby DEPENDENCIES byebug - fido_metadata (~> 
0.4.0) + fido_metadata! rack-contrib rubyzip sinatra (~> 2.0) sinatra-contrib webauthn! + webrick RUBY VERSION - ruby 2.7.0p-1 + ruby 3.2.2p53 BUNDLED WITH - 2.2.14 + 2.3.26 diff --git a/spec/conformance/MDSROOT.crt b/spec/conformance/MDSROOT.crt index d80f44af..46d19c7f 100644 --- a/spec/conformance/MDSROOT.crt +++ b/spec/conformance/MDSROOT.crt 
@@ -1,15 +1,29 @@ +!!!!!DO NOT DYNAMICALLY FETCH THIS CERTIFICATE!!!!! +!!!!!ADD THIS CERTIFICATE DIRECTLY TO YOUR CERTIFICATE STORAGE OR SOURCE CODE!!!!! + +FIDO Alliance Certification TEST Metadata Service Root Certificate +Expected page status: Valid +CN=FAKE Root FAKE +OU=FAKE Metadata 3 BLOB Signing FAKE +O=FIDO Alliance +C=US +Serial number=04 5A 1C 22 66 A1 4F 3F 1F 4D 29 55 12 23 15 +Valid from=01 February 2017 +Valid to=31 January 2045 + +Base64 -----BEGIN CERTIFICATE----- -MIICZzCCAe6gAwIBAgIPBF0rd3WL/GExWV/szYNVMAoGCCqGSM49BAMDMGcxCzAJ +MIICaDCCAe6gAwIBAgIPBCqih0DiJLW7+UHXx/o1MAoGCCqGSM49BAMDMGcxCzAJ BgNVBAYTAlVTMRYwFAYDVQQKDA1GSURPIEFsbGlhbmNlMScwJQYDVQQLDB5GQUtF -IE1ldGFkYXRhIFRPQyBTaWduaW5nIEZBS0UxFzAVBgNVBAMMDkZBS0UgUm9vdCBG +IE1ldGFkYXRhIDMgQkxPQiBST09UIEZBS0UxFzAVBgNVBAMMDkZBS0UgUm9vdCBG QUtFMB4XDTE3MDIwMTAwMDAwMFoXDTQ1MDEzMTIzNTk1OVowZzELMAkGA1UEBhMC VVMxFjAUBgNVBAoMDUZJRE8gQWxsaWFuY2UxJzAlBgNVBAsMHkZBS0UgTWV0YWRh -dGEgVE9DIFNpZ25pbmcgRkFLRTEXMBUGA1UEAwwORkFLRSBSb290IEZBS0UwdjAQ -BgcqhkjOPQIBBgUrgQQAIgNiAARcVLd6r4fnNHzs5K2zfbg//4X9/oBqmsdRVtZ9 -iXhlgM9vFYaKviYtqmwkq0D3Lihg3qefeZgXXYi4dFgvzU7ZLBapSNM3CT8RDBe/ -MBJqsPwaRQbIsGmmItmt/ESNQD6jYDBeMAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBTd95rIHO/hX9Oh69szXzD0ahmZWTAfBgNVHSMEGDAW -gBTd95rIHO/hX9Oh69szXzD0ahmZWTAKBggqhkjOPQQDAwNnADBkAjBkP3L99KEX -QzviJVGytDMWBmITMBYv1LgNXXiSilWixTyQqHrYrFpLvNFyPZQvS6sCMFMAOUCw -Ach/515XH0XlDbMgdIe2N4zzdY77TVwiHmsxTFWRT0FtS7fUk85c/LzSPQ== ------END CERTIFICATE----- +dGEgMyBCTE9CIFJPT1QgRkFLRTEXMBUGA1UEAwwORkFLRSBSb290IEZBS0UwdjAQ +BgcqhkjOPQIBBgUrgQQAIgNiAASKYiz3YltC6+lmxhPKwA1WFZlIqnX8yL5RybSL +TKFAPEQeTD9O6mOz+tg8wcSdnVxHzwnXiQKJwhrav70rKc2ierQi/4QUrdsPes8T +EirZOkCVJurpDFbXZOgs++pa4XmjYDBeMAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBQGcfeCs0Y8D+lh6U5B2xSrR74eHTAfBgNVHSMEGDAW +gBQGcfeCs0Y8D+lh6U5B2xSrR74eHTAKBggqhkjOPQQDAwNoADBlAjEA/xFsgri0 +xubSa3y3v5ormpPqCwfqn9s0MLBAtzCIgxQ/zkzPKctkiwoPtDzI51KnAjAmeMyg 
+X2S5Ht8+e+EQnezLJBJXtnkRWY+Zt491wgt/AwSs5PHHMv5QgjELOuMxQBc=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/spec/conformance/conformance_cache_store.rb b/spec/conformance/conformance_cache_store.rb
index 6890f158..cbc89208 100644
--- a/spec/conformance/conformance_cache_store.rb
+++ b/spec/conformance/conformance_cache_store.rb
@@ -22,7 +22,7 @@ def setup_metadata_store(endpoint)
 puts("Setting up metadata store TOC")
 response = Net::HTTP.post(
- URI("https://mds.certinfra.fidoalliance.org/getEndpoints"),
+ URI("https://mds3.fido.tools/getEndpoints"),
 { endpoint: endpoint }.to_json,
 FidoMetadata::Client::DEFAULT_HEADERS
 )
@@ -30,12 +30,12 @@ def setup_metadata_store(endpoint)
 response.value
 possible_endpoints = JSON.parse(response.body)["result"]
- client = FidoMetadata::Client.new(nil)
+ client = FidoMetadata::Client.new
 json = possible_endpoints.each_with_index do |uri, index|
 puts("Trying endpoint #{index}: #{uri}")
- break client.download_toc(URI(uri), trusted_certs: conformance_certificates)
+ break client.download_toc(URI(uri), algorithms: ["ES256"], trusted_certs: conformance_certificates)
 rescue FidoMetadata::Client::DataIntegrityError, JWT::VerificationError, Net::HTTPFatalError
 nil
 end
diff --git a/spec/conformance/server.rb b/spec/conformance/server.rb
index b1fded40..e4abecea 100644
--- a/spec/conformance/server.rb
+++ b/spec/conformance/server.rb
@@ -42,7 +42,6 @@ def self.registered_for(username)
 mds_finder = MDSFinder.new.tap do |mds|
- mds.token = ""
 mds.cache_backend = ConformanceCacheStore.new
 mds.cache_backend.setup_authenticators
 mds.cache_backend.setup_metadata_store("http://#{host}:#{settings.port}")
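Review bot: The rescue clause right after the new `download_toc` call still catches only `FidoMetadata::Client::DataIntegrityError`, `JWT::VerificationError` and `Net::HTTPFatalError`, but restricting verification to `algorithms: ["ES256"]` means a BLOB whose header carries any other `alg` is rejected by ruby-jwt with `JWT::IncorrectAlgorithm`, which is a sibling of `VerificationError` under `JWT::DecodeError` rather than a subclass, so such an endpoint would abort the whole `each_with_index` loop instead of being skipped like the other bad-signature cases. If every endpoint that fails verification is meant to be skipped, widen the clause to `rescue FidoMetadata::Client::DataIntegrityError, JWT::DecodeError, Net::HTTPFatalError`, which covers both. This is inferred from ruby-jwt's exception hierarchy and the fork's `download_toc` is not visible here, so confirm which exception it actually raises on an algorithm mismatch. `setup_metadata_store` continues outside the hunk.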
@@ -51,7 +50,7 @@ def self.registered_for(username)
 relying_party = WebAuthn::RelyingParty.new(
 origin: "http://#{host}:#{settings.port}",
 name: RP_NAME,
- algorithms: %w(ES256 ES384 ES512 PS256 PS384 PS512 RS256 RS384 RS512 RS1),
+ algorithms: %w(ES256 ES384 ES512 PS256 PS384 PS512 RS256 RS384 RS512 RS1 EdDSA),
 silent_authentication: true,
 attestation_root_certificates_finders: mds_finder
 )
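Review bot: The rewritten `algorithms:` list keeps `RS1` (RSASSA-PKCS1-v1_5 with SHA-1) next to the new `EdDSA` entry without any comment saying why a SHA-1 signature algorithm is accepted, and since this file is the reference conformance server the list is the kind of thing that gets copied into real deployments. Add a comment directly above the line, such as `# RS1 (SHA-1) is enabled only because the FIDO conformance suite exercises it; production RPs should leave it out.` Whether `EdDSA` is actually verifiable here depends on the `cose` gem and the OpenSSL build in use, which this hunk does not show, so the conformance run should be checked to confirm an Ed25519 credential is exercised rather than silently skipped. The enclosing block that assigns `relying_party` starts and ends outside the hunk.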