This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-drupal7-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:05:53 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 39368f0c6b8a8f91a3aa2cd48b6611e43121238b * md5sum 195c3007b549f0b5a8223fe419d7ccd7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXVnGAAoJEIXCXpWhbrlNTrMH/jr4ygpgxsTB1nZM5CaZFJwo t4lzsCoTnDriN7QfAFe/U0y6DTIUa5SNKwk0WFEgDhzP5mWgEW2SAJ98E4MsoxDF dGdqSSrl9Zb0r1sPBsC+RihC4QlbCFN0j0vkbxJ+qoFgE1jO0uHurkeQx/4bPhz8 0MXlUrlaULYhTITy37pzaIF2IbPCgqFnCcEPxHpnAvWAMVCZGR7xN01qEfozeX6a q7StCY5qF8NiCqPx0it+xb++ygTj/7Ykr7Wx0RtlBKHkbBSU/mnUGETY/clKeYU7 ZZeB7q31qfekBfBnv/VhTKCZZTu6xIZQK13eLWc0P6F71c+5B65VPOqjTG9nik8= =3Gor -----END PGP SIGNATURE-----