This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-7-turnkey-canvas_13.0-1_i386.ova.sig
      gpg: Signature made Tue Oct 15 15:14:53 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  195aec05c0744e7244cb510b237c7b499a30c3df
    * md5sum   dc6aba147081dc99d6751fcfb1386bc1

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABAgAGBQJSXVvUAAoJEIXCXpWhbrlNQwIH/1QUCdw1ntEnHaoAmMXD1OnN
zepYcbmTiQV3+c2W5Osp4Lqa8gLAxzEAbWVzqqkEdcsIcpW0tXOZXwDd8qxMWj3/
dNGs7P5eID5VXSQqFLr5k5MYsZSnlXBfv3rPRtBFtiNuTnl0kcoSSAHaUZ0FWmCe
ApTmlHfgS+dZ479NsrG3OzgEad5Rmrx4wtgRNTHyWQKQwJYGEAssdo/5loMxEOSx
GK73UPO94+bsLr/IwROgpsjWRNB5i2IqVdzh0hJeI/gfg9ptVmckKfCq9uoE1Iwn
kblfRSom7RAP5/VrGzjIfmXt/ltpWT3rHWaEgitnkCzceZVcMSFViOIUe2wiI4Q=
=/rPG
-----END PGP SIGNATURE-----