This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-symfony_12.0-1_i386.tar.gz.sig gpg: Signature made Tue Aug 21 14:44:46 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 98e93a3e6c69cfeaf288f73f2c718565726244cc * md5sum f6b6ba31bd77b4108e25e8909ca89235 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM57UAAoJEIXCXpWhbrlNj/0H/jCBSwkq/D62MdQrbjDsRR/l 0r+yJ29OWdjMbUvFZx5dYC27jJ+7jdOQ1FxapFb5DT9spQ5crCtE/DsFcds6JBly XTjv6diKhV7mbzS2PJGC1m/nrRC7llyf//ArZK4tXqEKLDXMFVbwmIATAgkwOc5D L+sftHPAfJKLYx2w9/fUpm5G/cZgf8tqVOwNk90HUVPfhst1D6jmnSvHqlG8S9WW pyx9tmTmbHfjWl7iAvJU80Vk6lPfeT5R4z6PfPsYna52cvmMVbq83zI6ILX7yodP O2P4fIK1pT0EOCSdbMqfhbLX7KhiV1wED5eEg1O0HcgUqTh7k6ic79RCF3Sb698= =857I -----END PGP SIGNATURE-----