diff --git a/tuf/data/roles.go b/tuf/data/roles.go
index eff90f4833..6338461637 100644
--- a/tuf/data/roles.go
+++ b/tuf/data/roles.go
@@ -115,12 +115,10 @@ func ValidRole(name string) bool {
 
 // IsDelegation checks if the role is a delegation or a root role
 func IsDelegation(role string) bool {
-	targetsBase := fmt.Sprintf("%s/", ValidRoles[CanonicalTargetsRole])
+	targetsBase := ValidRoles[CanonicalTargetsRole] + "/"
 
-	whitelistedChars, err := regexp.MatchString("^[-a-z0-9_/]+$", role)
-	if err != nil {
-		return false
-	}
+	delegationRegexp := regexp.MustCompile("^[-a-z0-9_/]+$")
+	whitelistedChars := delegationRegexp.MatchString(role)
 
 	// Limit size of full role string to 255 chars for db column size limit
 	correctLength := len(role) < 256
@@ -274,7 +272,9 @@ func mergeStrSlices(orig, new []string) []string {
 	}
 	for _, e := range new {
 		if !have[e] {
-			orig = append(orig, e)
+			origCopy := make([]string, len(orig))
+			copy(origCopy, orig)
+			orig = append(origCopy, e)
 		}
 	}
 	return orig
diff --git a/tuf/store/httpstore.go b/tuf/store/httpstore.go
index 56ea40eab8..66e4bcc15a 100644
--- a/tuf/store/httpstore.go
+++ b/tuf/store/httpstore.go
@@ -33,7 +33,7 @@ type ErrServerUnavailable struct {
 }
 
 func (err ErrServerUnavailable) Error() string {
-	return fmt.Sprintf("Unable to reach trust server at this time: %d.", err.code)
+	return fmt.Sprintf("unable to reach trust server at this time: %d.", err.code)
 }
 
 // ErrMaliciousServer indicates the server returned a response that is highly suspected
@@ -42,7 +42,7 @@ func (err ErrServerUnavailable) Error() string {
 type ErrMaliciousServer struct{}
 
 func (err ErrMaliciousServer) Error() string {
-	return "Trust server returned a bad response."
+	return "trust server returned a bad response."
 }
 
 // ErrInvalidOperation indicates that the server returned a 400 response and
@@ -53,9 +53,9 @@ type ErrInvalidOperation struct {
 
 func (err ErrInvalidOperation) Error() string {
 	if err.msg != "" {
-		return fmt.Sprintf("Trust server rejected operation: %s", err.msg)
+		return fmt.Sprintf("trust server rejected operation: %s", err.msg)
 	}
-	return "Trust server rejected operation."
+	return "trust server rejected operation."
 }
 
 // HTTPStore manages pulling and pushing metadata from and to a remote
diff --git a/tuf/tuf.go b/tuf/tuf.go
index 6aa94cc032..b7e3e07353 100644
--- a/tuf/tuf.go
+++ b/tuf/tuf.go
@@ -352,7 +352,7 @@ func (tr *Repo) InitRoot(consistent bool) error {
 // InitTargets initializes an empty targets, and returns the new empty target
 func (tr *Repo) InitTargets(role string) (*data.SignedTargets, error) {
 	r := data.Role{Name: role}
-	if !r.IsDelegation() && !(data.CanonicalRole(role) == data.CanonicalTargetsRole) {
+	if !r.IsDelegation() && data.CanonicalRole(role) != data.CanonicalTargetsRole {
 		return nil, data.ErrInvalidRole{
 			Role:   role,
 			Reason: fmt.Sprintf("role is not a valid targets role name: %s", role),
diff --git a/tuf/validation/errors.go b/tuf/validation/errors.go
index 471b9c9c7b..6cca0dfaea 100644
--- a/tuf/validation/errors.go
+++ b/tuf/validation/errors.go
@@ -93,7 +93,7 @@ func (s *SerializableError) UnmarshalJSON(text []byte) (err error) {
 		err = json.Unmarshal(text, &e)
 		theError = e.Error
 	default:
-		err = fmt.Errorf("do not know how to unmarshall %s", x.Name)
+		err = fmt.Errorf("do not know how to unmarshal %s", x.Name)
 		return
 	}
 	if err != nil {