diff --git a/repo.go b/repo.go
index d5aa7a6d..3f29b3ac 100644
--- a/repo.go
+++ b/repo.go
@@ -103,7 +103,7 @@ func NewRepoIndent(local LocalStore, prefix string, indent string, hashAlgorithm
 }
 
 func (r *Repo) Init(consistentSnapshot bool) error {
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return err
 	}
@@ -112,14 +112,14 @@ func (r *Repo) Init(consistentSnapshot bool) error {
 	}
 	root := data.NewRoot()
 	root.ConsistentSnapshot = consistentSnapshot
-	err = r.setMeta("root.json", root)
+	err = r.setTopLevelMeta("root.json", root)
 	if err == nil {
 		fmt.Println("Repository initialized")
 	}
 	return err
 }
 
-func (r *Repo) db() (*verify.DB, error) {
+func (r *Repo) topLevelKeysDB() (*verify.DB, error) {
 	db := verify.NewDB()
 	root, err := r.root()
 	if err != nil {
@@ -222,11 +222,11 @@ func (r *Repo) SetThreshold(keyRole string, t int) error {
 		root.Version++
 		r.versionUpdated["root.json"] = struct{}{}
 	}
-	return r.setMeta("root.json", root)
+	return r.setTopLevelMeta("root.json", root)
 }
 
 func (r *Repo) Targets() (data.TargetFiles, error) {
-	targets, err := r.targets()
+	targets, err := r.topLevelTargets()
 	if err != nil {
 		return nil, err
 	}
@@ -234,16 +234,16 @@ func (r *Repo) Targets() (data.TargetFiles, error) {
 }
 
 func (r *Repo) SetTargetsVersion(v int) error {
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return err
 	}
 	t.Version = v
-	return r.setMeta("targets.json", t)
+	return r.setTopLevelMeta("targets.json", t)
 }
 
 func (r *Repo) TargetsVersion() (int, error) {
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return -1, err
 	}
@@ -257,7 +257,7 @@ func (r *Repo) SetTimestampVersion(v int) error {
 	}
 	ts.Version = v
 	r.versionUpdated["timestamp.json"] = struct{}{}
-	return r.setMeta("timestamp.json", ts)
+	return r.setTopLevelMeta("timestamp.json", ts)
 }
 
 func (r *Repo) TimestampVersion() (int, error) {
@@ -276,7 +276,7 @@ func (r *Repo) SetSnapshotVersion(v int) error {
 
 	s.Version = v
 	r.versionUpdated["snapshot.json"] = struct{}{}
-	return r.setMeta("snapshot.json", s)
+	return r.setTopLevelMeta("snapshot.json", s)
 }
 
 func (r *Repo) SnapshotVersion() (int, error) {
@@ -287,7 +287,7 @@ func (r *Repo) SnapshotVersion() (int, error) {
 	return s.Version, nil
 }
 
-func (r *Repo) targets() (*data.Targets, error) {
+func (r *Repo) topLevelTargets() (*data.Targets, error) {
 	targetsJSON, ok := r.meta["targets.json"]
 	if !ok {
 		return data.NewTargets(), nil
@@ -406,7 +406,7 @@ func (r *Repo) AddVerificationKeyWithExpiration(keyRole string, pk *data.PublicK
 		r.versionUpdated["root.json"] = struct{}{}
 	}
 
-	return r.setMeta("root.json", root)
+	return r.setTopLevelMeta("root.json", root)
 }
 
 func validExpires(expires time.Time) bool {
@@ -512,7 +512,7 @@ func (r *Repo) RevokeKeyWithExpires(keyRole, id string, expires time.Time) error
 		r.versionUpdated["root.json"] = struct{}{}
 	}
 
-	err = r.setMeta("root.json", root)
+	err = r.setTopLevelMeta("root.json", root)
 	if err == nil {
 		fmt.Println("Revoked", keyRole, "key with ID", id, "in root metadata")
 	}
@@ -537,7 +537,7 @@ func (r *Repo) jsonMarshal(v interface{}) ([]byte, error) {
 	return out.Bytes(), nil
 }
 
-func (r *Repo) setMeta(roleFilename string, meta interface{}) error {
+func (r *Repo) setTopLevelMeta(roleFilename string, meta interface{}) error {
 	keys, err := r.getSortedSigningKeys(strings.TrimSuffix(roleFilename, ".json"))
 	if err != nil {
 		return err
@@ -597,7 +597,7 @@ func (r *Repo) AddOrUpdateSignature(roleFilename string, signature data.Signatur
 	}
 
 	// Check key ID is in valid for the role.
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	if err != nil {
 		return err
 	}
@@ -658,7 +658,7 @@ func (r *Repo) getSortedSigningKeys(name string) ([]keys.Signer, error) {
 		sort.Sort(signer.ByIDs(sorted))
 		return sorted, nil
 	}
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	if err != nil {
 		return nil, err
 	}
@@ -722,7 +722,7 @@ func (r *Repo) AddTargetsWithExpires(paths []string, custom json.RawMessage, exp
 		return ErrInvalidExpires{expires}
 	}
 
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return err
 	}
@@ -758,7 +758,7 @@ func (r *Repo) AddTargetsWithExpires(paths []string, custom json.RawMessage, exp
 		r.versionUpdated["targets.json"] = struct{}{}
 	}
 
-	err = r.setMeta("targets.json", t)
+	err = r.setTopLevelMeta("targets.json", t)
 	if err == nil {
 		fmt.Println("Added/staged targets:")
 		for k := range t.Targets {
@@ -786,7 +786,7 @@ func (r *Repo) RemoveTargetsWithExpires(paths []string, expires time.Time) error
 		return ErrInvalidExpires{expires}
 	}
 
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return err
 	}
@@ -820,7 +820,7 @@ func (r *Repo) RemoveTargetsWithExpires(paths []string, expires time.Time) error
 		r.versionUpdated["targets.json"] = struct{}{}
 	}
 
-	err = r.setMeta("targets.json", t)
+	err = r.setTopLevelMeta("targets.json", t)
 	if err == nil {
 		fmt.Println("Removed targets:")
 		for _, v := range removed_targets {
@@ -851,7 +851,7 @@ func (r *Repo) SnapshotWithExpires(expires time.Time) error {
 	if err != nil {
 		return err
 	}
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	if err != nil {
 		return err
 	}
@@ -871,7 +871,7 @@ func (r *Repo) SnapshotWithExpires(expires time.Time) error {
 		snapshot.Version++
 		r.versionUpdated["snapshot.json"] = struct{}{}
 	}
-	err = r.setMeta("snapshot.json", snapshot)
+	err = r.setTopLevelMeta("snapshot.json", snapshot)
 	if err == nil {
 		fmt.Println("Staged snapshot.json metadata with expiration date:", snapshot.Expires)
 	}
@@ -887,7 +887,7 @@ func (r *Repo) TimestampWithExpires(expires time.Time) error {
 		return ErrInvalidExpires{expires}
 	}
 
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	if err != nil {
 		return err
 	}
@@ -908,7 +908,7 @@ func (r *Repo) TimestampWithExpires(expires time.Time) error {
 		r.versionUpdated["timestamp.json"] = struct{}{}
 	}
 
-	err = r.setMeta("timestamp.json", timestamp)
+	err = r.setTopLevelMeta("timestamp.json", timestamp)
 	if err == nil {
 		fmt.Println("Staged timestamp.json metadata with expiration date:", timestamp.Expires)
 	}
@@ -920,7 +920,7 @@ func (r *Repo) fileVersions() (map[string]int, error) {
 	if err != nil {
 		return nil, err
 	}
-	targets, err := r.targets()
+	targets, err := r.topLevelTargets()
 	if err != nil {
 		return nil, err
 	}
@@ -954,7 +954,7 @@ func (r *Repo) fileHashes() (map[string]data.Hashes, error) {
 	if m, ok := timestamp.Meta["snapshot.json"]; ok {
 		hashes["snapshot.json"] = m.Hashes
 	}
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	if err != nil {
 		return nil, err
 	}
@@ -1016,7 +1016,7 @@ func (r *Repo) Commit() error {
 	}
 
 	// verify all signatures are correct
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	if err != nil {
 		return err
 	}
diff --git a/repo_test.go b/repo_test.go
index cea48281..8eee1a13 100644
--- a/repo_test.go
+++ b/repo_test.go
@@ -126,7 +126,7 @@ func testNewRepo(c *C, newRepo func(local LocalStore, hashAlgorithms ...string)
 	c.Assert(root.Keys, NotNil)
 	c.Assert(root.Keys, HasLen, 0)
 
-	targets, err := r.targets()
+	targets, err := r.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(targets.Type, Equals, "targets")
 	c.Assert(targets.Version, Equals, 1)
@@ -212,7 +212,7 @@ func (rs *RepoSuite) TestGenKey(c *C) {
 	}
 
 	// check root key + role are in db
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	c.Assert(err, IsNil)
 	for _, keyID := range ids {
 		rootKey, err := db.GetVerifier(keyID)
@@ -256,7 +256,7 @@ func (rs *RepoSuite) TestGenKey(c *C) {
 	}
 	c.Assert(targetsRole.KeyIDs, HasLen, 2)
 	targetKeyIDs := make(map[string]struct{}, 2)
-	db, err = r.db()
+	db, err = r.topLevelKeysDB()
 	c.Assert(err, IsNil)
 	for _, id := range targetsRole.KeyIDs {
 		targetKeyIDs[id] = struct{}{}
@@ -375,7 +375,7 @@ func (rs *RepoSuite) TestAddPrivateKey(c *C) {
 	}
 
 	// check root key + role are in db
-	db, err := r.db()
+	db, err := r.topLevelKeysDB()
 	c.Assert(err, IsNil)
 	for _, keyID := range ids {
 		rootKey, err := db.GetVerifier(keyID)
@@ -419,7 +419,7 @@ func (rs *RepoSuite) TestAddPrivateKey(c *C) {
 	}
 	c.Assert(targetsRole.KeyIDs, HasLen, 2)
 	targetKeyIDs := make(map[string]struct{}, 2)
-	db, err = r.db()
+	db, err = r.topLevelKeysDB()
 	c.Assert(err, IsNil)
 	for _, id := range targetsRole.KeyIDs {
 		targetKeyIDs[id] = struct{}{}
@@ -934,7 +934,7 @@ func (rs *RepoSuite) TestCommitFileSystem(c *C) {
 	c.Assert(r.AddTarget("foo.txt", nil), IsNil)
 	tmp.assertExists("staged/targets.json")
 	tmp.assertEmpty("repository")
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(t.Targets, HasLen, 1)
 	if _, ok := t.Targets["foo.txt"]; !ok {
@@ -1085,7 +1085,7 @@ func (rs *RepoSuite) TestConsistentSnapshot(c *C) {
 	// targets should be returned by new repo
 	newRepo, err := NewRepo(local, "sha512", "sha256")
 	c.Assert(err, IsNil)
-	t, err := newRepo.targets()
+	t, err := newRepo.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(t.Targets, HasLen, 1)
 	if _, ok := t.Targets["dir/bar.txt"]; !ok {
@@ -1156,7 +1156,7 @@ func (rs *RepoSuite) TestExpiresAndVersion(c *C) {
 	c.Assert(r.Snapshot(), IsNil)
 	c.Assert(r.Timestamp(), IsNil)
 	c.Assert(r.Commit(), IsNil)
-	targets, err := r.targets()
+	targets, err := r.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(targets.Expires.Unix(), Equals, expires.Round(time.Second).Unix())
 	c.Assert(targets.Version, Equals, 2)
@@ -1166,7 +1166,7 @@ func (rs *RepoSuite) TestExpiresAndVersion(c *C) {
 	c.Assert(r.Snapshot(), IsNil)
 	c.Assert(r.Timestamp(), IsNil)
 	c.Assert(r.Commit(), IsNil)
-	targets, err = r.targets()
+	targets, err = r.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(targets.Expires.Unix(), Equals, expires.Round(time.Second).Unix())
 	c.Assert(targets.Version, Equals, 3)
@@ -1234,7 +1234,7 @@ func (rs *RepoSuite) TestHashAlgorithm(c *C) {
 		if test.expected == nil {
 			test.expected = test.args
 		}
-		targets, err := r.targets()
+		targets, err := r.topLevelTargets()
 		c.Assert(err, IsNil)
 		snapshot, err := r.snapshot()
 		c.Assert(err, IsNil)
@@ -1428,7 +1428,7 @@ func (rs *RepoSuite) TestManageMultipleTargets(c *C) {
 	genKey(c, r, "timestamp")
 
 	assertRepoTargets := func(paths ...string) {
-		t, err := r.targets()
+		t, err := r.topLevelTargets()
 		c.Assert(err, IsNil)
 		for _, path := range paths {
 			if _, ok := t.Targets[path]; !ok {
@@ -1474,7 +1474,7 @@ func (rs *RepoSuite) TestManageMultipleTargets(c *C) {
 	c.Assert(r.Timestamp(), IsNil)
 	c.Assert(r.Commit(), IsNil)
 	tmp.assertEmpty("repository/targets")
-	t, err := r.targets()
+	t, err := r.topLevelTargets()
 	c.Assert(err, IsNil)
 	c.Assert(t.Targets, HasLen, 0)
 }
@@ -1491,7 +1491,7 @@ func (rs *RepoSuite) TestCustomTargetMetadata(c *C) {
 
 	custom := json.RawMessage(`{"foo":"bar"}`)
 	assertCustomMeta := func(file string, custom *json.RawMessage) {
-		t, err := r.targets()
+		t, err := r.topLevelTargets()
 		c.Assert(err, IsNil)
 		target, ok := t.Targets[file]
 		if !ok {
@@ -1536,7 +1536,7 @@ func (rs *RepoSuite) TestUnknownKeyIDs(c *C) {
 	c.Assert(root.Version, Equals, 1)
 
 	root.Keys["unknown-key-id"] = signer.PublicData()
-	r.setMeta("root.json", root)
+	r.setTopLevelMeta("root.json", root)
 
 	// commit the metadata to the store.
 	c.Assert(r.AddTargets([]string{}, nil), IsNil)
@@ -1771,7 +1771,7 @@ func (rs *RepoSuite) TestBadAddOrUpdateSignatures(c *C) {
 	checkSigIDs := func(role string) {
 		s, err := r.SignedMeta(role)
 		c.Assert(err, IsNil)
-		db, err := r.db()
+		db, err := r.topLevelKeysDB()
 		c.Assert(err, IsNil)
 		// keys is a map of key IDs.
 		keys := db.GetRole(strings.TrimSuffix(role, ".json")).KeyIDs