|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How many keys?Hello.
I am developing an application with multiple assemblies. I have all the projects contained in one solution just to make code management a little easier. However, is it recommended to have one key for strong naming for all the assemblies (projects) or should if assembly be strong named with a different key? Thanks. Ryan Ryan,
You can use one key. There is no advantages of using multiple keys. Alek Show quoteHide quote "Ryan Taylor" <rtay***@stgeorgeconsulting.com> wrote in message news:uLxwol8XFHA.3584@TK2MSFTNGP14.phx.gbl... > Hello. > > I am developing an application with multiple assemblies. I have all the > projects contained in one solution just to make code management a little > easier. However, is it recommended to have one key for strong naming for > all the assemblies (projects) or should if assembly be strong named with a > different key? > > Thanks. > Ryan > The only reason I can think of that you might want different strong names
would be to apply different security policies to different assemblies and wanted to use the strong name as evidence. Otherwise, I agree with Alex. You probably just want one key. Joe K. Show quoteHide quote "Alek" <alek_xDDOOTTx_davis_xAATTx_intel _xDDOOTTx_com> wrote in message news:%23z6onDAYFHA.3716@TK2MSFTNGP12.phx.gbl... > Ryan, > > You can use one key. There is no advantages of using multiple keys. > > Alek > > "Ryan Taylor" <rtay***@stgeorgeconsulting.com> wrote in message > news:uLxwol8XFHA.3584@TK2MSFTNGP14.phx.gbl... >> Hello. >> >> I am developing an application with multiple assemblies. I have all the >> projects contained in one solution just to make code management a little >> easier. However, is it recommended to have one key for strong naming for >> all the assemblies (projects) or should if assembly be strong named with >> a different key? >> >> Thanks. >> Ryan >> > > Even though it's quite common to use only the public key when using strong
name evidence, other parts of the strong name can also be used when constructing strong name membership conditions or identity permission demands. Since it's possible to vary permission grants based on strong name without varying the signing key, potential policy use probably shouldn't be a factor when selecting a signing key. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:eFHhPOAYFHA.1796@TK2MSFTNGP15.phx.gbl... > The only reason I can think of that you might want different strong names > would be to apply different security policies to different assemblies and > wanted to use the strong name as evidence. Otherwise, I agree with Alex. > You probably just want one key. > > Joe K. > > "Alek" <alek_xDDOOTTx_davis_xAATTx_intel _xDDOOTTx_com> wrote in message > news:%23z6onDAYFHA.3716@TK2MSFTNGP12.phx.gbl... >> Ryan, >> >> You can use one key. There is no advantages of using multiple keys. >> >> Alek >> >> "Ryan Taylor" <rtay***@stgeorgeconsulting.com> wrote in message >> news:uLxwol8XFHA.3584@TK2MSFTNGP14.phx.gbl... >>> Hello. >>> >>> I am developing an application with multiple assemblies. I have all the >>> projects contained in one solution just to make code management a little >>> easier. However, is it recommended to have one key for strong naming for >>> all the assemblies (projects) or should if assembly be strong named with >>> a different key? >>> >>> Thanks. >>> Ryan >>> >> >> > > Thanks guys. Seems to be unanimous.
Ryan Show quoteHide quote "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message news:OMZ%23uBFYFHA.2124@TK2MSFTNGP14.phx.gbl... > Even though it's quite common to use only the public key when using strong > name evidence, other parts of the strong name can also be used when > constructing strong name membership conditions or identity permission > demands. Since it's possible to vary permission grants based on strong > name without varying the signing key, potential policy use probably > shouldn't be a factor when selecting a signing key. > > > > "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote > in message news:eFHhPOAYFHA.1796@TK2MSFTNGP15.phx.gbl... >> The only reason I can think of that you might want different strong names >> would be to apply different security policies to different assemblies and >> wanted to use the strong name as evidence. Otherwise, I agree with Alex. >> You probably just want one key. >> >> Joe K. >> >> "Alek" <alek_xDDOOTTx_davis_xAATTx_intel _xDDOOTTx_com> wrote in message >> news:%23z6onDAYFHA.3716@TK2MSFTNGP12.phx.gbl... >>> Ryan, >>> >>> You can use one key. There is no advantages of using multiple keys. >>> >>> Alek >>> >>> "Ryan Taylor" <rtay***@stgeorgeconsulting.com> wrote in message >>> news:uLxwol8XFHA.3584@TK2MSFTNGP14.phx.gbl... >>>> Hello. >>>> >>>> I am developing an application with multiple assemblies. I have all the >>>> projects contained in one solution just to make code management a >>>> little easier. However, is it recommended to have one key for strong >>>> naming for all the assemblies (projects) or should if assembly be >>>> strong named with a different key? >>>> >>>> Thanks. >>>> Ryan >>>> >>> >>> >> >> > > 
Other interesting topics
Appl. Security Problems
User id of a running Windows form app Appliyng Security in assembly. Private member access. Security exception related to network Data security/filtering on attribute values Why CAS doesn't stop things in ASP.NET apps does .NET connect to Internet to verify digitally signed assembly certificate? Allow inheritable permissions form the parent to propagate... Migrating users to asp.net 2.0 from CSK and setting passwords |
|||||||||||||||||||||||
