This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-movabletype-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 08:34:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 58ccff1f57b381f0aad9dba8a5faa04aea89b6f1 * md5sum 89ba102965d732584fa65dbea8bca8a9 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMs4OAAoJEIXCXpWhbrlNUugIANoTW24Nw3b3N+CvzJLvDT1w XtFeYKoeR1oatcAIB6mHMgb55DIWakp44UohcOnL5779nVeXjyRGC2uAPPtX2Vn0 QE6m8VFaVFrwn+JtyY00fYv2oBDJlydCYH+MMMUuzpWCk1tkQh35lrKw5un2x8IW 8NrrP0ZIE0T/cPbiOu5sva1vmzCJ6HC5CIzc6hZTia0MoVRd9Kl/4S5F0KB4e8g1 bYfk+eQwsGfSLYaxuGRcc6HKOAYKgMVT0vE1Qq9XIOIC9WxMMQzGUvXZadlxdWn5 pxzYfIQbxl3GHrIhHikK8DKI/3EjAWsbb/ousCKS9JiOO7lzjKgSVjTdgpi+p5w= =VlNL -----END PGP SIGNATURE-----