Clarify documentation regarding signature verification
Currently, the Signature Verification page reads "This process is entirely optional. Installation of Android and Mac apps will have their signatures verified automatically. However, we provide signatures for these files if you wish to verify them manually with the process below."
The Android page reads: "ATTENTION: Please verify the signature!", and links to the Signature Verification page where you find the first quote.
Which is it? The former gives that impression that signature verification happens automatically during installation. Is it in fact the case that without following the manual instructions, installing the apk will verify the signature properly, which would prevent a hypothetically malicious version of RiseupVPN from being installed? Or is manual verification required to mitigate such a scenario?