This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-canvas-12.1-squeeze-amd64-ovf.zip.sig
      gpg: Signature made Tue Jun  4 12:34:06 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  244c008ab71515de821e4fb872f85b43c3f84769
    * md5sum   2e9caac5a2241e6a69c2643eca35e7c4

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrd6pAAoJEIXCXpWhbrlNzH4IANEMAMei5kjauuf5Ep7kZAul
THr6CmI0By2k47584tIdfKJ+q+HDefGTPVYPvbxaHfJMUlzX1FVE45aal6zcY+ET
SPslV3YuMQrMddbJodAox/MMC52x3pI3fOD6Z3abfWAd/LswDhdN4ggcXBMCc17b
GRk0cpCmcJ/NLbp2YTtM7A1A/9elptsEk6R4Rd7JQPGgDReMVyQoItGAed7CivH/
CZAUoc4NjrJfZ9OrL7q1QK/Svi2YvLJ6Td6flArTDpWuK9EHJmF7ke8hAcq/znvw
FEFLFwbVu3tDEXUKMtxo8Tzw+RxoWBaX42Uogpm+C3MAipItxWkrG4elQKX9eL4=
=1+xg
-----END PGP SIGNATURE-----