This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-drupal6-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 17:00:55 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 605d353a7c14efa702c942db9c3fef344f2b4310 * md5sum d2f14dd57a7b3b43c59db2806aa45115 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL8o9AAoJEIXCXpWhbrlNqf0H/1myBgVyi70hDZvzqKQCnK9Y Xdui5Hdo9LYm2l1dl+FPbGfnx9lOrwiyJUxZ/rMChrt+iY+9RYssvUyPXb3GCD8O hDspMG/9c+IbdoTd+D41GpCc+Rms+6EYrLVanbVkllrJY040zSiPo2kqKulgNvh8 ZHqUJsBRdXon0C8ra0ZkGzyWQuImPppaHwS0y7ukhIv4Z+ggbUxOdF7QNaUVD72o vgmf2ta4Lz/JJb9QwSmYEdk/wO8MeRsXG3DZMOJ1LGFrQHwE0oiUseN7Bp7UvGFw XkK0/E19ol4Pmv3kzNd46um6TN8UbMBlpsr4aR+CBwE+/6Jnge+wVQKKB192o0Q= =lMry -----END PGP SIGNATURE-----