Signed SHA*SUMs did briefly appear on the main and mirror download sites for the installation ISOs.
However, once the Live ISOs were uploaded, its (unsigned) SHA*SUMs were merged with the install ISOs' SHA*SUMs, and replaced with a single UNsigned file. I did retrieve a copy of the signed SHA256SUM file for the install ISOs before it was replaced, and include it below. The sha256sum hashes match the hashes that are in the replacement unsigned files, and the digital signature on the signed file included below did verify. (My mailer and/or this mailing list may mangle the below file - there should be NO line breaks between the end of the sha256sum, which is followed my two spaces, and then the ISO file name.) David. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 13dc08249d0c1e7885a9f304e6ae510737112bcf593e875a71b81feff1fd37a1 SL-62-x86_64-2012-02-06-Everything-DVD1.iso 5a039a53d8cba4b972c720ba58865b47656d6c1aa80b44b83aeb046983df92f0 SL-62-x86_64-2012-02-06-Everything-DVD2.iso d41c280f46c6239619384170df74639c19813a4a86f011fa6f15e546e8874279 SL-62-x86_64-2012-02-06-boot.iso 48b6af8d71c272591cea37c99e7c67d310b352ef00a5d4ac2b2563fbb90a2f9b SL-62-x86_64-2012-02-06-Install-DVD.iso -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAk8xQx8ACgkQsLQYPxkqfX1e8QCeMsza0Udokn050GFaMOhnUT9x DlYAn2ny/nM05iA8EDPhxEOHEHkwu2uo =ImgV -----END PGP SIGNATURE-----