What signing method to use for public open-source projects?
Posted
by Irchi
on Stack Overflow
See other posts from Stack Overflow
or by Irchi
Published on 2010-03-26T07:43:52Z
Indexed on
2010/03/26
7:53 UTC
Read the original article
Hit count: 304
I'm publishing an open-source library on CodePlex, and want the dll files to have strong names so that they can be added to GAC.
What's the best option for signing?
Should I use SNK? If so, everyone have access to the key. I don't have a problem with everyone having access, but is it a good approach?
Should I use PFX? If so, does it mean that other people downloading the source code are not able to build the solution?
What I like to do is that I am the only one person to have access to the key, so that the signed assemblies also have a level of authenticity, but meanwhile don't prevent other developers to download, build, or change the source code for themselves, and be able to post changes for the main project.
© Stack Overflow or respective owner