This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-movabletype-12.0-squeeze-x86-ovf.zip.sig gpg: Signature made Tue Aug 21 12:02:51 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 6ff45b2b75a91df50becdebb7939b63d6fa37142 * md5sum f4bd9b37cc8506bcd8721baf5c54713c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM3jdAAoJEIXCXpWhbrlNgjEH/06t3MDpPMPhqE5w8BsGvShQ u9mVoMk/wp+Rulh+BlE58HzGG0qDO+gHuP3y8fetmiKX32ToinPE/IAgoYBiBmBl skU1VdUNBH0y84u/oVhMUpFJKWbTccWvbtCcJcATF1aqLiT6jkSXdK4Sust0oDcP DIgS7KnqGRaKfujTMvjTeQ2WQN38b7ipw49h678xN5XD/0Kv8gL9SgbMAdr8iCgs 74h79eznuhOoW59LPt9FBltUGIZDVx1/TgKcEpyDyBDwO6Pme5v75+WlXJeLv/4S 65d5RCy1n4AweJXcCV3Zi1MD/7I56nlgqR4dMOgmiryu+IshXn1BCPuth1gGypA= =w3bL -----END PGP SIGNATURE-----