It's not enough to have signed your DLL with a self-generated .SNK file. You need buy a full-featured Authenticode signing certificate, issued by an accredited trusted authority. Do shop around, options ranges, e.g. from this to this.
Once you've obtained a certificate, here is how to use it.
Supporting IObjectSafety
is required, but it doesn't make your control automatically safe. You just declare that it is safe, it's a statement. If you get your control deployed on 1000 pcs, then someone creates a VBScript trojan abusing the API of your control, you might get sued for the false statement. To stay safe, you should use something like Sitelock
template.
However, if run your pages locally via file://
protocol and do the manual deployment of your DLL, it's a different story. You don't have to sign your control with Authenticode in this case. However, all ActiveX controls (safe and unsafe) are disabled by default, for security reasons. More details: Understanding Local Machine Zone Lockdown. You can get around it using Mark of the Web.