This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-web2py-12.1-squeeze-i386-ovf.zip.sig
      gpg: Signature made Wed Jun  5 01:09:29 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  f76318fb8fe9015ecd9c48aceebd296ac57cb4cc
    * md5sum   75686a0eb3a25fce9755ebda181a0c38

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRro+7AAoJEIXCXpWhbrlNLbAH/0olUi9kl3p8bU//8Ca1mJrh
1ruRm9zR6cO48YxO8zpUimq/IaWloGdWccBVAGnsDpiRYL0arxYtDza0MePuoyNI
8gi3KzvxeamPMCfhAAhSbNlFnG+7B6hsElVufrBvgyC23FWOhLv8pl31TEICQQLC
JVEtvrNyjouRh+s20Blr0f3QOzmtx5AnMf0KWUrkzfHXI4eXqmJNx67hj7iumpwH
H7wmLcF8S9EG/92ZShZebsRfMMyZLcf1f1FAARuSro/j1aNChcy88h0eA39Zfe+Q
r7h6FMbFkDnfHMTHBEMK7ncxLmVjNuWiHFZjr7PETS7sZGTloMnwyhUffrzHYP8=
=UzO+
-----END PGP SIGNATURE-----