This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-7-turnkey-zencart_13.0-1_i386.ova.sig
      gpg: Signature made Tue Oct 15 20:32:08 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  331e9b7010c02b382e52e8ea7732f1c6e0dfaa2e
    * md5sum   529902225c1a7daa766daddd8473db60

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABAgAGBQJSXaZCAAoJEIXCXpWhbrlNILIIAI2xtU5WwJmElZt4WP36o9I+
zQeQ280yMIa0xrFuU1c500dTIAbKEp/iSD23gMREQ1J9sHDwk/oU0MSW2Dei3whc
Cd58ATORLlCkzzb8ruKiu1m7nG6vAdf3cd9LCikebarxkY62LoNzs9uzJ3hB2lDa
axzDX1Z8ex1IoO14zV6dU9xN0BPY2KTibT/0dFOaqOo75ik+OmsTtN9PZ9VgrSi3
zIk4afOJPI1NyFEWi/wbThSwYifulpwrMr25s6t8IA5J/oINeADMs1C2UbKqu1Oq
9Y0q9tbGbsigLOZhW5jGA25qDX3QpP4faN0Qu+sAADLceLqnXC7faX+/ZkSUPH4=
=y2b1
-----END PGP SIGNATURE-----