.NET: Should executables be strong-name signed? What about private DLLs?

Question

My application consists of three assemblies: a single EXE which references a couple of DLLs. The DLLs are private to my application - they are used only by this executable.

Answer 1

Strong naming assemblies ONLY ensures version compatibility. This is not the same thing as trusting the assembly.

In other words, the "strong name" ONLY refers to that exact assembly binary in combination with the version number in use at the time of compile.

If you GAC those assemblies, then the CLR will only verify it once. At the time the assembly is gac'd. This can result in a performance improvement. However, my experience has shown it to be minimal.

A strong named assembly can be replaced with one that is not strong named; which brings up the part about strong naming NOT being any type of security feature.

My personal opinion is that the level of pain associated with them does not justify their use. The pain being how they screw with automated testing tools.

https://web.archive.org/web/1/http://articles.techrepublic%2ecom%2ecom/5100-10878_11-5054496.html