Educate my users? That is hardly my role. They get the benefit of being able to run a patch version without undue hassle. NHibernate 1.x tried to have a secret snk, and that failed pretty miserably
On Mon, Feb 21, 2011 at 2:16 PM, Stefan Bodewig <[email protected]> wrote: > On 2011-02-21, Ayende Rahien wrote: > > > There are many situations where you _have_ to have a strong key, or > > example, gac deployments. In those cases, anything in the chain also > > have to have strong key. > > Yes, I knew that. Sorry if I sounded stupid. In most cases I try to > avoid the GAC and my personal use-case (XMLUnit) is quite different from > Lucene (i.e. it is less likely to end up as a dependency of something > that gets deployed to the GAC). > > Fortunately my opinion is pretty unimportant here anyway 8-) > > > Most OSS in .NET have signed binary releases, and the snk is usually > > in the source code. > > Do you educate your users that there is no security promise attached to > the strong name in this case? I've always shied away from using strong > names in OSS because of the illusion of verified-publisher they provide > in such a setup. > > Thanks > > Stefan >
