-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-zencart-14.1-jessie-i386.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-zencart-14.1-jessie-i386.iso
      d89d798e5b4dde9f092f710148ba7dbb

    $ sha1sum turnkey-zencart-14.1-jessie-i386.iso
      53f0e43f9f13d210f637981018ba45fe5f0074e5

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXCkP1AAoJEIXCXpWhbrlN3LEIAIUeCAkP2PK8RJbbhW2pnpJA
oCuo0QzHJpPZKu8RCs7CqtsVuozswV1p3CL3X2GKMUoXNusXAnYFZ0Hz8aKo1n68
sitPuBpLQ6O/HLjGpvJQMtKx7avUCzyJltgUsqgW9N0LI3WNaEUkzclzFMwniFKl
fYcrDKFvTBw/tpiz/VjPi9HojDLdlmr4PQVZlLdQ91DhiNG6m1gmIBytMOWb3UaT
DIednuGyxRvSJNqLgezOLCewIp9o5bgJTEVxMlGiserNa5GacgTVV1NhT01RaI0+
nk/mRNKX1OWjsibpvemLuElJgMtR3mOm8eH4+kX3ZAWuY2meW5Q4FthzICofDRs=
=VuFE
-----END PGP SIGNATURE-----