This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-tomatocart-13.0-wheezy-i386-xen.tar.bz2.sig
      gpg: Signature made Fri Nov  1 09:51:58 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  134f4ea6d843340972c3d82e5d7ab0d5c99a46bf
    * md5sum   6455d7bfd80e6845eb30713600e70055

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABAgAGBQJSc3m2AAoJEIXCXpWhbrlNoY0H/i6pYQoWnvmH9SvDeYSj1EVv
eRyTzEWJ7DBE09bmJIyGm4IcOHWalKnOoLMcU81iYlsXlZS1G7x612z9BN996HNy
cdPZiR3UQ/7I0RQGNe6Lk9LwYCbcEMwvW+cmI794HJVuOhA05oMKI60/ZL0cfZyr
eO7+1bOqaH5ssqZwP9U2eon1dAaM9JVignYkn/JFK4EDZ8l3rqL2JZlg1B+gr2tv
NVEK6SyQeFP4OuqEISC2Sfclktm4vQYqqOsq+eG7ZXbqJZxXm9rzna8/mNbSRd+V
DnI2jNu/qVO6t0vNCHd1iyYSicoVJRGxhKLzkMCDnL4JHLqdobF++Rjn9bobh1k=
=vnSR
-----END PGP SIGNATURE-----