verify_delegate() is currently an instance method of Metadata. It could be an instance method of Signed since it does not need anything from metadata and since this would lead to cleaner code.

• Generally code that uses tuf.repository can mostly look clean as it does not need to deal with the actual Metadata:

  root = repo.root()
  print (f"root version is {root.version}")
  

  This no longer works if one wants to verify a delegate just because of API design
• We could add a Signed.verify_delegate() and similar code should work:

  root = repo.root()
  root.verify_delegate("targets", metadata)
  

• nothing prevents leaving Metadata.verify_delegate() in place as a deprecated method