This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-7-turnkey-tomcat-apache_13.0-1_amd64.tar.gz.sig
      gpg: Signature made Wed Oct 16 10:33:02 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  debe6702a756af0583fd901f5edf2891de2e4f99
    * md5sum   3426220bbdaea2b78502a2a31654385f

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABAgAGBQJSXmtVAAoJEIXCXpWhbrlNwQkH/0vpEAUsgM4w5eBdqabFFVXI
ajej40GrEzokF2VpGpYcAHgYriWLKoJ5/lD5CshntHw9ZX8UJGQLeNhApy8RTB6x
rqenAMiasyC4GY4lZy4WtUH8UkSpL+SkCBqbEhpqrocQGLUuxrH/S5bu8khEcmpZ
kZ2MkmYOej4Mz7Ywddxg6g0izD+BIaGvgqS/UofKU64YEajtx7KUvUgFw///qZWG
peUnyi/NdLe78wsYZLn40x6Pf2rK5JE88oM0x24ZwMcPBYnesK862MYczcjzcyw5
TooA0Nx1PAW9NmekwSW5jSDVdkhl3MvEsAhY8aNTVSpxLvyZbTy9R0PpqChl3G4=
=MMXj
-----END PGP SIGNATURE-----