This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simpleinvoices-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 18:06:13 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 2db2e927c958d3e4bb247670366a9302ed1a207a * md5sum 59d3890c5d2cd82039d301cc768aa57b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL9mJAAoJEIXCXpWhbrlNPOgIAOmSvE089//oQLWehVYhyc7Y q3KmajJz5U2H9eG8seTjjpmwT5x5HaXtxRAfrUtoe82KLdKz+U+ITS8B9n89OKQN dpq71Y3s+MZEbef0SuOicj8Xwr2r3jIFiwRVMaFZ1GwKXaoXImX/A1od6EPro8Ph HNQRbl1NmJ7zDKAJaLxO7U4ZONCJgUKv+ZaW2WI1kjggyHn1If1PWHv3CxGGWGwI x/UPJsM7A4l9pqOhnNJ4ym7VWTpLPBZ3AnrD/FQp5Oo7J5Mgx8wLAtfMK9tCoj+q L+MnVHcLq7qwGZ97lA+8YbdOZROmuvwAMhpKKZZsR0JEL5iE2zXgPsdrcfvaL3I= =8LKG -----END PGP SIGNATURE-----