This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-typo3-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 14:18:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum a2fed6052ce2ff7cffdf87efe85e19e02e1feec5 * md5sum f35c8221340e5686865a3a185cc99815 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRcACSAAoJEIXCXpWhbrlNSk0IAMJkcwJWAqHsZWKUtSYZYvPx bFuRtmtu9qbeih4BECk2blrRoH/x7ZtUA38HOf2qhAhl3L5x+MV9o6VTlqO/qCMv q8E4TMKZFWGY4GNt9Yt5D1i6uVfvLGXqeky/2uAzYO8IgFmuquLPtemleDFVbH1X gsvtn1DltNVbXfXmoINPBrZV/CmPFnO7V4h3RzuOhaU5a0CfMaVKoG9XxfSpjns7 /jTfvKYJfhAZ6n6yuaMcSIHRa+9+CMk79t4SyT3z1nOYrFuxc8kUEIjaaqVDRwlK 4GiwjSiObYRzKRv6RQRnnTdrifAfJAfRUZ/UpMEKGidydrtAhoLMwlkU1Pyp5DM= =66GL -----END PGP SIGNATURE-----