We don't support digitally signing updates at this time. We realize this is a potential weakness and we'll be adding it in the near future. (Edit: Digitally signing updates is now supported.)
However, when updates are downloaded they are validated via a checksum & filesize check to assure that the updates haven't been tampered with.