Sign Your .Net Assemblies, Please!
I can’t tell you how many times I’ve referenced an Open Source .Net project and tried to compile only to be greeted with the “Assembly Generation Failed” compiler error. Some of my absolutely favorite projects StructreMap, NUnit, CommandLine and more never have a problem with this.
But more often then not with some “off the beaten path” OSS .Net projects…
I sign all my .Net projects with a Strong Name Key, first it provides a ‘small’ amount of security to ensure that the assembly hasn’t been tampered with or corrupt. I say small because with about 10 minutes of work you can remove an SNK form a .Net assembly. But if your creating a library that you expect people to use, it should always be signed, why, because you cannot reference a non-signed assembly from a signed project, but you can do the reverse.
So by signing your assembly you make it more usable to those of us who sign our projects, and don’t impact anyone else, seems like a Win-Win to me.
One thought on “Sign Your .Net Assemblies, Please!”
I’d have to totally agree. Speaking of – the MEF preview assemblies put out by MSFT are not signed. grrr
Comments are closed.