This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-12.0-squeeze-x86-ovf.zip.sig gpg: Signature made Tue Aug 21 12:22:13 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum b7b2ebe364e016aa80628a2a6f221ff0096d38ab * md5sum b6fb36f8916b83470fc6f09fee2cbc28 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM31nAAoJEIXCXpWhbrlN9MsH/RVrYOSu1qE6OUJFB4ZmNyNk Bovt5MT3Z5VaDlSgnPzm3x3f6YDqm3XZsVRGkrRLtUKiJFw+o0DFS+LhQ2OkPH7v 9WlEJAnV+LJfi0iLfIfVzmW3AvLytvMm/8pbgBksUaRgWziGc0FWOMzxrx79ujuS gwALitUkHE1zg4RmBB8uoDy+acEQL0hhTcIdnl0WJwfg4fmb3k5iFCHAlFeaDCgU yWqv9myd/kditiz7f/ggHY3N3Y2dpaxA2QeGOZapKLq5KtdIWmsxSW2TEjjsf1yS /KLvXyN1X6MS5tcRX/i3nrC0HbPW7rKMZ42h51+x2w49vDctU84OSSwo/fwWU2s= =xyQ8 -----END PGP SIGNATURE-----