Download page should provide digital signatures for images
Currently the Download page only offers hashsums to check whether the download wasn't accidently corrupted during download. To check the integrity of the image it would be useful to have a OpenPGP signature file to validate that the image file hasn't been changed on the way from the build system to the web server by some attacker.