Looking at https://www.torproject.org/dist/torbrowser/3.6.4/ I see that there is currently only one signature on sha256sums.txt for this release. As far as I can remember, every other stable release in the 3.x series has had signatures from at least 3 people.

Is this an aberation or should users not be expecting multiple signatures in the future?

I was just advocating for torbrowser-launcher to require multiple signatures when this happened: https://github.com/micahflee/torbrowser-launcher/issues/113#issuecomment-517...

~leif