Please provide Strong-named binaries

Topics: Silverlight test runner
Apr 6, 2011 at 2:59 PM

As the title says.

Coordinator
Apr 7, 2011 at 9:20 PM

Have to confess that I've never had to touch strong names, but I'm vaguely aware they are a contentious subject.

Could you provide a bit more context? Why do you need strong named assemblies? (And presumably this is the silverlight builds?) And what problems could it cause? Should there also be a non-strong named build?

(This link is quite informative: https://github.com/machine/machine.specifications/issues/34/#comment_761201)

Thanks
Matt

Apr 8, 2011 at 1:16 AM

We strong-name xunit.dll, xunit.extensions.dll, and xunit.runner.dll.

The reason is simple: if you are strong naming something, then it must be linked against only things which are themselves strong named. We also ship our public and private key in the repository so that people can strong name it themselves, so we don't consider this to be any kind of security measure (nor should our users). If compilers didn't enforce "you are signed, therefore everything you link to must be signed", we never would've bothered.

Apr 8, 2011 at 8:59 AM
Edited Apr 8, 2011 at 9:03 AM

Brad hit the nail on the head, in fact I also think that strong-naming for security doesn't make a whole lot of sense in the OSS space. However a lot of people will use OSS projects in the context of other strong-named projects, and hence these need to be strong-named.

 

Coordinator
Apr 11, 2011 at 11:36 PM

Righto. I'll add a work item. This is just for the silverlight builds, yes?

Coordinator
Apr 11, 2011 at 11:38 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.