One of my colleagues is very keen on signing assemblies. He literally tries to sign anything. Even when we use assemblies from Microsoft that are not signed, he will take the source code, sign it and then ask other developers to use his copy instead.
I can understand the basic idea behind signing an assembly: to ensure a particular assembly is not compromised by some dodgy hacker. So if we are a software development company, we should sign our assembly before releasing some .NET library to our customers.
However, we primarily develop web applications for our own use here, and I just can't see the point of signing every single assembly we use.
Am I missing something here?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…