When looking on https://multibit.org/ I don't see any gpg signatures or hashes I can verify with to see if the download I have hasn't been corrupted with any malware or something like that.

I know it's more of just parnoia/OCD; but that's just how I am, lol.