We have a solution with many projects (maybe 20 or more). We recently made some changes that require a couple of these assemblies to be called from COM, which means we need their strong name. These assemblies refer to others in our project, which means that they must also be strongly named. They also have InternalsVisibleTo attributes, so the provided assemblies must also be strong.
Instead of searching and trying to find which assemblies need to be signed / strongly named, I recommended just to simply name them all. This put a couple of people in silence about the risk. I affirm that there is no risk, but they need the pros and cons of signing the meetings. The only thing I managed to come up with was:
Arguments
- Requirement to call assembly from COM
- This would allow us to put assemblies in the GAC (we donโt do it now)
- This prevents (we accept the application, it is not installed on client sites, so itโs not a big problem).
against
- This requires that every assembly we use in the future be signed.
I have two specific questions:
- Could you say that it is a good idea to sign / strong names?
- Can you think of any other pros or cons?
Craig W.
source share