Please consider signing your stable releases with a PGP key, or at the least, post an MD5 sum of the file.