Strong name signing for assembly

[Taritsyn]

Original Jurassic.snk file was taken from the 0fcf4ec commit.

[paulbartrum]

I removed the strong name on purpose as part of switching to .NET standard. My reasoning was based on this article: https://www.pedrolamas.com/2016/03/01/still-strong-naming-your-assemblies-you-do-know-its-2016-right/

What's your need for this feature?

[Taritsyn]

Hello, Paul!

This is a subjective opinion of author, all the more so in David Kean's comment are arguments in favor of signing assemblies.

In addition, almost all of Microsoft's assemblies is still signed. Popular open source projects are also in no hurry to refuse to signing: Autofac, AutoMapper, Dapper, NLog, etc.

In my opinion, refusal to signing will bring much more harm.

[hollow87]

Here are some documents that outline pro's and cons of strong signing.

https://github.com/dotnet/corefx/blob/master/Documentation/project-docs/strong-name-signing.md
https://docs.microsoft.com/en-us/dotnet/framework/app-domains/strong-named-assemblies

I personally don't think Jurassic has such a need for it. I see people creating strong signed assemblies thinking its more secure as a cheap alternative to code signing, rather than using it for what is was meant for.

The second link I provided has details on why to strong sign.

[Taritsyn]

I see people creating strong signed assemblies thinking its more secure as a cheap alternative to code signing, rather than using it for what is was meant for.

@hollow87 It's not even about security or ability to deploy assemblies in GAC. In case of open source projects, this is problem of software product distribution. Unsigned assemblies have little chance of becoming part of a boxed or enterprise software.