I have an assembly written in .net 3.5. I distributed this file to a bunch of people and so far, no problems unless they try to load the assembly (a dll) from a network share. Then they get security exceptions but this is easily fixed by changing zone security of the local intranet.
Currently I am not signing my code with any form of certificate.
- Should I sign my assemblies?
- What do I get for the $$$ i pay verisign for signing my code?
- Will a signed assembly eliminate the security exception encountered when loading the assembly from a network share?
You can solve the network share problems by updating your framework to service pack 1. Other than that, signing assemblies buys you two main things:
Additionally, you don’t need to pay verisign or anyone else to sign an assembly for within your organization. You can sign it anywhere to get a “temporary” key, but nothing stops you from distributing that temporary key. It’s just that other machines won’t trust that key and so your users will have to do extra work at install time to accept it anyway, and if you use it for licensing it’s not guaranteed to be secure. Within a single organization, you can also set up a server in your domain to issue keys that will be trusted across the domain.
Signing the assembly by itself will not eliminate your network share problem. Installing to the GAC will, but that creates additional distribution headaches. What you really want to do is upgrade to .Net3.5sp1.