I could not find any signatures or checksums for either binary or source rEFIt packages. I guess I did not look hard enough. :) Where do I get them so I can verify the download? Would it make sense to display them more prominently on the download page?