This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-canvas-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 23:26:31 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum a9fca1e333a4e406ea704ae052320d3a7afb7acb * md5sum a0c118d912e8e26c9a9940536974dd60 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQMCSWAAoJEIXCXpWhbrlNXhoH/3oxBEnucLBge3t9z0qnfRgD E+qkjm91IPhqvWE7RbU6JiN8MLppBcI1GE+GH8m45Pv85UkHJ0JWuEDR5/S3QQSO 0G1lbhtXkw83bTd/UZY9fJYGqtKRATlzJ41rmh/FcxUO7+fVHQKaa8XTTkynwlXT R3gv2kQ7wufB8UQV/7EWiiUTTAl4N9cLnm0LkQ4CWUsDicyNuuOxOeqsXLDlmkwC eDrAFE5RzmjUcBHp/2jH2R4vJHCcCGUT2iKTJZu2dQzLVZ8jsEkmSXNuuYx79upB ejmESWZ2yKZqWeONKAdgVnDgGkC2vQO9E76c3MfZy9ktNO+OgVGYylUJQL7P/00= =5Tbg -----END PGP SIGNATURE-----