This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-typo3-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 09:38:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum f73d86b1579b5a318fbcf9fa7faea73aef74fd7c * md5sum df3aec42f20d5e4517fb6345c41dee13 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMt0WAAoJEIXCXpWhbrlNaZoH+gKq5eMGvETAbkVHxzvb4RML NX666JCoO4HviJDhtyqACippidM5WaM8vUww59rGtQotbvnxeeaUlavEpihHS0Pj cTa95J2Aww3ZkfLJyZu9bPuxPEYS8j5fkeUjRZUK0nhRcP6lAofcyaoV0y2QS5Wy 0lW7udzIPDNkpuzgPsN41P7j0cR7imlYeqIvTD5gJ3iinFKK6guKcoLPjuWDGp0L oTJjMF3COruU6sUMzn4+FnnC/7q1OJy9bT3kEtRpgDZ2+JaJw5cRHog65CiNLJcZ Fm6LOhb0U1nCIGbaXa8c5rTiPovzg10VpZZ6zxjhMAM+TzZGXLEzZLEXM91teB8= =pvsf -----END PGP SIGNATURE-----