Switch to bond.snk for all strong names in .NET #414
Labels
Comments
Closed
chwarr
added a commit
to chwarr/bond
that referenced
this issue
Jun 20, 2017
Previously, when when an official release of Bond was produced, a Microsoft-internal key instead of bond.snk was used to strong-name sign the assemblies. This means that locally produced assemblies and Microsoft-produced assemblies have different strong names, making it difficult to consume non-official releases in applications that require strong-name signed assemblies. This change switches to using bond.snk for all strong-name signing. Official Microsoft release will still be Authenticode signed for integrity. (Official release of Bond are already Authenticode signed.) This is a breaking change, as it will change the strong name of the assemblies. Resolved microsoft#414
chwarr
added a commit
to chwarr/bond
that referenced
this issue
Jun 20, 2017
Previously, when when an official release of Bond was produced, a Microsoft-internal key instead of bond.snk was used to strong-name sign the assemblies. This means that locally produced assemblies and Microsoft-produced assemblies have different strong names, making it difficult to consume non-official releases in applications that require strong-name signed assemblies. This change switches to using bond.snk for all strong-name signing. Official Microsoft release will still be Authenticode signed for integrity. (Official release of Bond are already Authenticode signed.) This is a breaking change, as it will change the strong name of the assemblies. Resolves microsoft#414
chadwalters
pushed a commit
that referenced
this issue
Jun 23, 2017
Previously, when when an official release of Bond was produced, a Microsoft-internal key instead of bond.snk was used to strong-name sign the assemblies. This means that locally produced assemblies and Microsoft-produced assemblies have different strong names, making it difficult to consume non-official releases in applications that require strong-name signed assemblies. This change switches to using bond.snk for all strong-name signing. Official Microsoft release will still be Authenticode signed for integrity. (Official release of Bond are already Authenticode signed.) This is a breaking change, as it will change the strong name of the assemblies. Resolves #414
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, when you build Bond locally, it uses bond.snk to sign the .NET assemblies. However, when an official release of Bond is produced, a Microsoft-internal key is used to sign the assemblies. This means that locally produced assemblies and Microsoft-produced assemblies have different strong names. The current guidance for Microsoft open source projects is to use one key that is accessible to everyone for strong name signing, and to Authenticode sign official Microsoft releases for integrity. (Official release of Bond are already Authenticode.)
This will be a breaking change, as it will change the strong name of the assemblies.
The text was updated successfully, but these errors were encountered: