diff --git a/internal/oci/attestations.go b/internal/oci/attestations.go
new file mode 100644
index 00000000000..1552e60d970
--- /dev/null
+++ b/internal/oci/attestations.go
@@ -0,0 +1,28 @@
+//
+// Copyright 2021 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package oci
+
+import v1 "github.com/google/go-containerregistry/pkg/v1"
+
+// Attestations represents a set of attestations that are associated with a particular
+// v1.Image.
+type Attestations interface {
+	v1.Image // The low-level representation of the attestations
+
+	// TODO(mattmoor): Accessors that build on `v1.Image` to provide
+	// higher-level accessors for the attestation data that is embedded in the
+	// wrapped `v1.Image`
+}
diff --git a/internal/oci/image.go b/internal/oci/image.go
new file mode 100644
index 00000000000..1010df0325b
--- /dev/null
+++ b/internal/oci/image.go
@@ -0,0 +1,32 @@
+//
+// Copyright 2021 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package oci
+
+import v1 "github.com/google/go-containerregistry/pkg/v1"
+
+// SignedImage represents an OCI Image, complemented with accessors
+// for retrieving signed metadata associated with that image.
+type SignedImage interface {
+	v1.Image
+
+	// Signatures returns the set of signatures currently associated with this
+	// image, or the empty equivalent if none are found.
+	Signatures() (Signatures, error)
+
+	// Attestations returns the set of attestations currently associated with this
+	// image, or the empty equivalent if none are found.
+	Attestations() (Attestations, error)
+}
diff --git a/internal/oci/index.go b/internal/oci/index.go
new file mode 100644
index 00000000000..f94eed5772c
--- /dev/null
+++ b/internal/oci/index.go
@@ -0,0 +1,40 @@
+//
+// Copyright 2021 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package oci
+
+import v1 "github.com/google/go-containerregistry/pkg/v1"
+
+// SignedIndex represents an OCI ImageIndex, complemented with accessors
+// for retrieving signed metadata associated with that ImageIndex.
+type SignedImageIndex interface {
+	v1.ImageIndex
+
+	// SignedImage is the same as Image, but provides accessors for the nested
+	// image's signed metadata.
+	SignedImage(v1.Hash) (SignedImage, error)
+
+	// SignedImageIndex is the same as ImageIndex, but provides accessors for
+	// the nested image index's signed metadata.
+	SignedImageIndex(v1.Hash) (SignedImageIndex, error)
+
+	// Signatures returns the set of signatures currently associated with this
+	// image, or the empty equivalent if none are found.
+	Signatures() (Signatures, error)
+
+	// Attestations returns the set of attestations currently associated with this
+	// image, or the empty equivalent if none are found.
+	Attestations() (Attestations, error)
+}
diff --git a/internal/oci/oci.go b/internal/oci/mediatypes.go
similarity index 100%
rename from internal/oci/oci.go
rename to internal/oci/mediatypes.go
diff --git a/internal/oci/signatures.go b/internal/oci/signatures.go
new file mode 100644
index 00000000000..d3c1972a951
--- /dev/null
+++ b/internal/oci/signatures.go
@@ -0,0 +1,28 @@
+//
+// Copyright 2021 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package oci
+
+import v1 "github.com/google/go-containerregistry/pkg/v1"
+
+// Signatures represents a set of signatures that are associated with a particular
+// v1.Image.
+type Signatures interface {
+	v1.Image // The low-level representation of the signatures
+
+	// TODO(mattmoor): Accessors that build on `v1.Image` to provide
+	// higher-level accessors for the signature data that is embedded
+	// in the wrapped `v1.Image`
+}