This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-yiiframework-12.1-squeeze-amd64-ovf.zip.sig
      gpg: Signature made Tue Jun  4 17:07:01 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  90a914718bb4d9091f0297af0cd20204d5ffab13
    * md5sum   01a9fc3f2fb6762356db1fdcb3d01088

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrh6qAAoJEIXCXpWhbrlNS0wIAKIZzzdPw+A3cmWRJnDOK1PT
mGJqpxUF+yst3cFI2sULbvVrdgQa23YRSxlo9c4spJ4kBzIXCiisFGdZETB9euT/
3KGcRXRhwDwuw1RfSDAYDrqfINATQTd5RSohsUR0u6fe585Q+++hqVqFyr2vJrgz
PjhMXM2KUDVGUY4r0Y0OxbxPn45j3zM1Ck4n4iQN0IqX9KEKaYOYsogLo4Jn85I7
roNQN6BAM7IDutFMEyDYNaNl8csePTBdF6neD1t6N2LpLl6F/8w5TlbEr+hJUV/L
cw3FlXcb8hvP6hITmZMmdiuTZSd3rNK6dWMoTrbX9xof4x+4c3kaVren69Asd9o=
=C/rl
-----END PGP SIGNATURE-----