Hi, I followed installation at: https://www.varnish-cache.org/installation/redhat
But noticed that the GPG signature checking of the RPMs was not enabled, and the RPMs were transferred over plaintext HTTP! I did re-enabled the signature checking but it seems none of the packages are actually signed. Are there plans to sign the packages? As I'm unable to use them in this state. I did find references to "signing corrupts the packages" - maybe I could offer help looking into the problem? It would be really useful to have them signed. NB: It would be good for the installation page mentioned to also state the packages are not signed and transferred via HTTP. Just so one can make a judgement call, as at the moment it could easily be missed. Thanks! Jason _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
