Building satellite assemblies where the template is strong named

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I need for our customers to be able to generate satellite assmblies for use in our application. The template assembly from which the satellite assemblies are based on is strong named. It seems that the private key is needed in order to generate satellite assemblies. I'm not about to distribute our private key to our customer so that they can generate satellite assemblies. Is this supposed to be how it works? How can I get around this?
 
Hi,

Currently I am looking for somebody who could help you on it. We will reply
here with more information as soon as possible.
If you have any more concerns on it, please feel free to post here.


Thanks for your understanding!

Best regards,

Gary Chang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
 
Hello,

Thanks for your post. I reviewed your description carefully, and now I'd
like to share the following infomration with you:

1. As I understand, your satellite assemblies need to reference a
strong-named template assembly. If so, you customer just need to get the
public key instead of private key. Please refer to the following MSDN
articles:

Referencing a Strong-Named Assembly
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/htm
l/cpconstrongnamescenario.asp

Strong Name Scenario
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/htm
l/cpconstrongnamescenario.asp

2. If it is not the case, I strongly recommend you delay signing the
assembly to work around the problem:

Delay Signing an Assembly
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/htm
l/cpcondelayedsigningassembly.asp

Hope this helps.

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
 
Neither of these solves the problem. If I try and do an AL using the public
portion of the strongname it generates an error saying it needs the private
key as well. I don't see how Delayed Signing does anything for me as my
customers need to be able to build satellite assemblies and I'm not about to
give them our private key. Please advise.
 
Hi,

Thanks for your response.

One of the purpose of Delayed Signing is to restrict the private key access
to only a few individuals. As in this case, you can ask your customer use
delayed signing at build time to reserve space in the portable executable
(PE) file for the strong name signature. Send the assemblyto you for the
actual signing just before shipping the assembly.

Please feel free to let me know if you have any problems.

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
 
I'm trying to avoid having to tell my customers that they need to come to me
to do something in order for them to set up their own satellite assembly.
Delayed Signing doesn't solve my problem. In my case, the customer is
someone who purchased our software. Imagine telling your Microsoft customers
that they'd need to send you a file for every locale that they make their
own resource file for so that you could compile it for them? And to also do
the same whenever they want to make a change. There must be a better way.
 
Hello Peter,

I am sorry that I did not understand the relationship between your
customers and you. Since then, based on my experience and research, I am
afraid that there may not be a good wethod to work around the problem.

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
 
Thanks Huang. Microsoft may want to consider a better solution for this
problem in Whidbey.
 
Back
Top