why use AssemblyDelaySign if u can install in GAC with any key?

[xamman]

take as an example an organisation developing software where the
public key is known but the private key is kept by only the top
official.

why would you use AssemblyDelaySign and sign an assebly with only its
public key when a developer can generate a different pub/priv key pair
for himself and sign an assembly with that?

later when developer is done testing he can submit his asembly to the
top official for signing with organization key pair?am i missing
something here?

thx

 

[Mattias Sjögren]

later when developer is done testing he can submit his asembly to the

top official for signing with organization key pair?am i missing
something here?

If you change keys you get an entirely different assembly name. That
breaks existing references, security settings and other configuration
options where you specify the assembly name. In other words, it could
become a maintainance mess.


Mattias

 

[xamman]

thanks mattias. i knew there had to be a good reason