After you have downloaded the MySQL package that suits your needs and before you attempt to install it, you should make sure that it is intact and has not been tampered with. There are three means of integrity checking:
Cryptographic signatures using
GNU Privacy Guard
For RPM packages, the built-in RPM integrity verification mechanism
The following sections describe how to use these methods.
If you notice that the MD5 checksum or GPG signatures do not
match, first try to download the respective package one more
time, perhaps from another mirror site. If you repeatedly cannot
successfully verify the integrity of the package, please notify
us about such incidents, including the full package name and the
download site you have been using, at
<email@example.com>. Do not report downloading
problems using the bug-reporting system.