I've just tried to download MyEtherWallet from Github. I've noticed that, as of version 6.5.5, releases are no longer signed with a pgp signature.
Why is this? Is the Github verified signature considered secure enough to not require it?
I don't know what I'm meant to do to ensure the download is valid. It comes with a checksum, but I can't find another record of the checksum online to compare it to.
Neither can I find anything online about why the releases are no longer coming with a signature.