This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-plone-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:38:52 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 54a215f486178138afa937fa6d365b4fc867c86f * md5sum e7d7bfbec1256d4abcb2c80156b5883e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXW+QAAoJEIXCXpWhbrlNmbIH/3W2Gphb0xoDuEp3ZnfFn0lD z7eqlThGpP/Y6zpNaLWrJmBTs6+D5idOVgPa828erFPewV2p0BFetbILO414BKka 4O6ge6PK3v618umoQEBSlEjugi4US/ZU+FABNjE8jOMGDLMJ/eloa3FAnVsIpqV9 G95O+tI8n9ZkC5eMZm1ZipMQ2NJnG/vq9QZaGU3LV5SEVB9tmVnb4HF6Y9AzLIB1 tS5Hxm9gvlRECDpx8ILpnVTBFvGCx4tr6eLYkfl4+SgYgWOWmHWOIfuWdEwxZNI5 1fe4lx68193/82AVGnY+LjxLL+ougbfGzbGmcbuOqNQ+39CG/qqkIvoOkc3ENyY= =e6rf -----END PGP SIGNATURE-----