This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-mahara-12.1-squeeze-amd64-ovf.zip.sig
      gpg: Signature made Tue Jun  4 14:05:43 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  824dcb3bfc4839e639cbd145161e5d67cf3b4f48
    * md5sum   f2b9b643bef9dc8ba00870afc331b9ce

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrfQvAAoJEIXCXpWhbrlN9EQIAOL0RBqc0613prrd58Dffhbf
XLVknWUuvmUFTwt8anB1bOmevUDAWG9LcCvBLuyo9hNmeAuU5Q65RmBj9Q7cuyge
0xK+YBMuqILXwf8rd3tRJrUm6afJGfvhkj6Q2XUD2osLFbn/0WZHRhJISPwTWg9c
yECJB8IJLClI8hCbtwu0I3JwJ0p/Zr+rpbSm7eWT2RhZ5LGLdW0jBYonhU2RntpD
DuIE2Jly39kjBxtMRYFWF7fv6VreezZ8k6ASlPj/kCmiSruVhyovy1o5a3r7ZMtb
4QRAgV4PaZDcgql9TclCkX7gsw85Kq/3HMPZX0AehK0cH0O1l4zc6wX9aaecrHM=
=Cswv
-----END PGP SIGNATURE-----