This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-asp-net-apache_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 12:26:40 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 35db2f0a051bde639a0bb12d04f237a3134a7651 * md5sum f48530cb687c46a194ba8407e15c217d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrdz5AAoJEIXCXpWhbrlNa1UIAORKyHFpe+XfbfahAHiKwNw1 Ejb/Dd8xwPZw9LcLYAdY18245TXueFmH4FDrYrYL/sJDcpZiWxIrjdlZa7fMM5oI H2Pvvy+lLVG4tHQ3IlHrWIXDHzVjIR4Xo4g+WTDDZ0BgSnMw7rkwJ6TVMhQaLGDN g+HeH9VIg2x0yYFjI3E8EOXDgaICpB7OkUgTMbhGt6EjS3mJ3X/1FRtN8deO4A7H sWMBx6BGL6t6piRYK3htlWB4KUEYglWsus5cgbfMfN19k64YIlchlX1YuJW+FmUE tGgnbapS1TPm9Qagd9N5wWR1aOMV3o75ErBYybc4GSquOkOd5CCmYwGKb2DtPmM= =DB9X -----END PGP SIGNATURE-----