Hi,
I want sell some .NET library and I want provide "edition" with full source code. Should I provide the sign certificate with the source code or should users-developers sign it with their own?
+1
A:
IMHO you should not provide your private key because that's what guarantees that the code is written by yourself. If you provide your key it's like giving your identity to others and you may be responsible for some bad code you never wrote.
Darin Dimitrov
2009-11-11 10:31:58
So, should I provide some another private key?Because, if I provide Visual Studio solution and there will be no privte key, the compilation will fail. The solution contains several projects and creating the new private key and setting up for every project will be littlebit annoying for customers.
TcKs
2009-11-11 11:05:02
You can provide a different key or generate one as part of your compilation process but I think it would be best to provide source code that does not contain signature and leave to the client to decide if he wants to sign his assemblies or not.
Darin Dimitrov
2009-11-11 11:13:54