Strongly naming your assemblies

Dec 17, 2015 at 3:43 PM
Is there any reason why your NugGet distributions are not strongly named? I'd have thought there's no reason not to strongly name openly distributed libraries. In fact, I'd have thought it would be a generally sensible policy.
Jan 7, 2016 at 7:34 AM
Jan 11, 2016 at 10:12 AM

hmm. I examined this over the weekend.
The fact the page has incomplete content is disappointing. It undermines their conviction slightly I think.
The main argument appears to be that Strong Naming can introduce version resolution issues. When I dug into this further I realised that this is actually a feature of strong naming and not a design bug. One of the named purposes of strong naming is to allow the running of different dependency versions side-by-side. From what I can see, most of the problems raised in that page can also be obviated when publishers include a publisher policy in newer versions of their libraries.
But I take your point that strong naming is not considered a security tool, it's more akin to a guaranteed unique namespace. Although it beggars belief that on one hand Microsoft implies strong naming has no security benefits, yet with the other, mandates it as a requirement for defining fully trusted assemblies.



Anthony Geoghegan
Senior Dot Net Architect
P: +353 (0)21 425129
M: +353 (0)87 2264847
E: [email removed]
L: ie.linkedin.com/pub/anthony-geoghegan/18/a64/a4a/
T:
Building 1, University Technology Centre,
Curraheen Road, Cork, Ireland
www.decaresystems.ie
DecareSystems.ie


Inactive hide details for "tiesontrowbridge" ---09/01/2016 01:48:50---From: tiesontrowbridge Well... http://strongnamingconsideredharmful.com/