This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-django-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 07:51:43 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 12b6e85486aecffa8ae9c48fd415260a519e81d9 * md5sum 83ffb65eeecfe84d484c1cae16ca399c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMsQIAAoJEIXCXpWhbrlNH9QIAIvfR4Ey7o2g0BcAiyTqQokg sYDRcFKFz2SE4uUHmOVuA5gk8D4s6AiHvdSfyJyuQJKYrybRW4NiViOJ2mZDY0e8 kCoIau9sG6GzRkNhaz3AFktKB6EK5+MtPNNyTE6AjFR3CyGTan+UsWrMfnIYCx3J RoIlASncZD7u/goxKl+z4UBu6V3zm3kiqbmIHD6r4WrwqcL6lXcm2tVgYZHwT0FF hDK7VePLIApmfSVZ2wIXbKQ8RHXjcFJ8pEI4ZMvkrd9WvJX7rTgkq2EhJPdzWeD3 wYZuGH9z9PEaQUiMphVUGoOHz4orY1i2xXXBEjmXLdxL20vAa/lmaGiXs+JO7bw= =kOX2 -----END PGP SIGNATURE-----