-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-silverstripe-14.1-jessie-i386.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-silverstripe-14.1-jessie-i386.iso
      a4981fc325fee22e3188bd2da49a8f3d

    $ sha1sum turnkey-silverstripe-14.1-jessie-i386.iso
      38c52a2bcb9d11b07dfcb6798d66a639a00a5f74

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXCkP0AAoJEIXCXpWhbrlNJv8H/i22RVD+RT+kxRLJSzQrk1cd
Nl0bsFDmi8BlwGIjD6KynRXJ2g0OI0UWccBld7ZIHYC+NKTa01ZjgzynSvuocMbb
FV0bRc6HamFuXkNtC6vXBRIa2l9+Bzl1TP78JQdximJddmdXbr/nGZoRhcCAuVsr
Erizmlnd/brzoFAR9aZgVcYba5cMQmEj09yYNeMw15tTsHDScfEOgpGb7FMVfI32
KOvUL0JwTFgnBkZATSa3x2RwM37sci5S3Wr6fEazoCLvrInzjK2I9DnjppILymO9
gO9Hr5AFfXmaw0ypL87qZ0syYZrupMllkqeksObHdOeEVlX4Tcbl4LUKsPntzjk=
=yApW
-----END PGP SIGNATURE-----