This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-typo3_12.0-1_i386.tar.gz.sig gpg: Signature made Tue Aug 21 14:52:30 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 766e742510eba4c1c28daae0234d749ae759d9c6 * md5sum a81f532f02fbf6120f9ff4883e1e08e7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM6CjAAoJEIXCXpWhbrlNM2QIAOshisIzQFp0gFuVEg46vsU3 ezxAeHx2456HK/UFLaVCVbvkoWDdtBoOO6q2X0EpUhnfJuThim6YnUUEzJXK3lbz 3nYrwzZtRmsURq+AtgGbYpWTQxiYF0bCx6EhwKFxd8idngpvnfAsg9XJE5WXZOL9 3ntxrqET+YLX7DcVanMtLQhj6DlVKBju4/dD7lvYq5JPWrmqiTGDDbz8Cy2LDE0Y Nv1Q8s+elIYajaZwJMOrWFP5oM+qkI5UYA5rp2UnRk7J4RZZuhwhkRwgz5J/9feb bxhWr/GtHfKlq+7n0p4ftKQnfh5QODYQoTglOO9YMquDNdfrQrcP3UlDoLZo7qs= =bpF8 -----END PGP SIGNATURE-----