This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-zencart-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 18:25:50 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 04e05c9e4a5a0194a5d7920776ec2535a10af1e8 * md5sum 13236d726f4c6851f16e8d9d6626da6b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL94jAAoJEIXCXpWhbrlNxGUIANFkPyNr3jq7k/VHmat+WkQf j+SKgduQRa2kfZReTigPSfFvVFzhTkZQ2EQGTbXGD3YqrQcJW6NN17WSbiSH/+V2 BlSQtTd9rMoHxU9GK6NcYCXTkHK9Fw/QAvzl0a+w7kKvB7+iRg7xTrzsDZx5hk0B UTiqMAUPMtm7Kg2d8oLeC8zxsc5YkSLWXd4KMo4TMnsBfM7XAgecTHZwXSFS0OMN TocWbKrWbBzYI5kvmWtrAV8HxoYxnfPawRgHBqVQojtKZ2r+hpY6PogjfHFdiwx+ 5msdgbxJkrrlNhr7niwMfaLYS3eApCX1oKr5XeAcBq5+N3QJ2v93Jy56Bi3vOEc= =Rc4p -----END PGP SIGNATURE-----