Software Publisher Certificates and Strong Name Keys are they related?
-
27-09-2019 - |
Question
Should a Software Publisher Certificate granted by a third-part Certification Authority be used to generate a Strong Name Key for use with .NET assemblies?
Edit:
Another way of stating the question is whether code-signing and strong name keys have anything to do with each other or are they each worlds unto their own?
Solution
Not necessarily. Anyone can generate a key-pair and strong-name an assembly. This has advantages in preventing tampering and providing a signature. But that signature is not easy to link to a publishing party.
I'm not even sure if you can use a certificate to sign a normal assembly but it is a feature for ClickOnce apps.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow