This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-plone-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 09:51:32 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8d7255e9b6c84f9d25eda444d0c4c7e80135841d * md5sum b57b00e31f4c58cee5d9e0dd7f949277 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmGZAAoJEIXCXpWhbrlNtoQIAKlYM1aDdOqKMMD7n4Q3PZPE Iuo4n+WyfePYc5hGw70MYok+0PVIYrbf0MlxRZcMxRfJX4im6jrH58lhl4urmoX4 AkWhtZ3tFXHWs/K0QM6ZIo5UVZIS6AK0QCZuOH/NZs8c8NQgZgg6/UIlsSu+wwX8 RFpt1EK94hl2qPEvd8cOGm5Q8IXNir0YcbQq5r7hPbmg2ZnpIzk7FIsh1NL+OCRS /Kr3DeieETtB+NitqRv7aefc78amlZLb/Pf0BGtsiEyk8do9JDSqnus7AEZNhJc0 obkp5GUEjlzisl6k4rKiwgl9AITMOqaVC4Zknn4Ljk+t1urGf6zC7wQ7+wyE+pc= =BqKx -----END PGP SIGNATURE-----