This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-silverstripe_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 15:58:49 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8e42709e97632239b3eed37a1e95e1dd03ddbb5c * md5sum 9f66f4400edd8a0817c5747382990f2b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrg6yAAoJEIXCXpWhbrlNq2MIAIhYY6eBY+P3Iw8VbsZ8oE+L YmwD961ji+00W2RUAa5/1ACuUoXJK4LlcWC1FHnbAi8h4Dwsex45b78A2LqZMyq4 t+YQqpDMoJO+uBxZmov8gbgWPIeJcf2+2njbd4VWDS6QHb2Zrm3Nbg0r+0JuBdUi B4zZlIw4AYXoRKSRMZdCmQ9M8q4zQosVZNaa1k0s99na63rQ9XyuEMueerTf2FLd bD5ovfd4CixkRpnSK53+d9/RC/JPoLOXZoLalutBlSuOLjMf1LJf0mrzA96QDVQx ZfPKaB6bTwdKND5VLWqB45X4GLb/DLnleKKSK8t7/rkSiJEZgF6nP+Y8u/vfovw= =a8v8 -----END PGP SIGNATURE-----