This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-drupal7-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 12:34:32 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 01e81be3d8077d426e8582bc064093d6a277ec7a * md5sum 7f2c89821e2f6b0dd5ba075ecb023822 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgQvPAAoJEIXCXpWhbrlNxCUH/jy50ldE45nQL65/s7EMF7Ql SZJaRNiT4xfKu8vBj6CgIxLEBTa0a+ITfCpn26cVZCzvn1iWiA7BCbC3nvqjvlAa iBpOzkoPB1nv6Hh9BBriNwHp3f0nzy8bjEhAuSIRW8D8ZLbZbIlQq0gfxW0lmoHY xc/PD4sX54cTG6kj1iJU5WcVxsRvZGDJc1vm74Vilw8UNogr20thf0KVJfwyJnVC O0mTsLZp0k48LTYB9MljmM6/BVS1HHOGPmv92z7qwaWrVFWcYYTfNQunKaWWpqp/ pXnRhh0uucK1f2//wHARxSE3bNElOAKM17KcnbxM61yrCtMYdk++W1ob15c8XBA= =02to -----END PGP SIGNATURE-----