Menu
It's possible to use the same strong name key for multiple related projects/assemblies.
I'm interested to know whether there are any drawbacks to using this approach. SPecifically, can it lead to a lack of security?
One area I'm thinking about this is in the use of the friend assemblies.
693
If the assemblies belong to one solution, I think it is feasible.
Strong key's main usage I think is to identify this assembly is built by a specific person/group. Strong signing an assembly does not bring much more security to an assembly.
You can only make sure that others cannot sign the assembly with your key file, but they can crack it first and sign it with another key file.
77
If you take a look at a recent web.config, you'll see that Microsoft uses the same key for a bunch of assemblies
23
It can lead to an increase in security. If I've good reason to trust a public key one time, I've a better reason to trust it a second time than to trust another public key that is supposedly from the same person.
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
