tags:

views:

215

answers:

2

I have signed my assembly with strong-name.

I have done it from VS2005 Solution Explorer -> Assembly Right-click -> Signing.

But still RedGate's .net reflector is able to browse through the code.

Then what is the use of assembly signing?

+13  A: 

Assembly signing is not obfuscation. An assembly's strong name guarantees the origin of the assembly (i.e. an assembly signed with your private key can only have been written by you), and it guarantees that the assembly hasn't been tampered with.

To reiterate, if you want to clamp down on Reflector, obfuscate your assembly.

Tim Robinson
+9  A: 

Signing is not intended to protect your code form dis-assembly. If you want that, look into obfuscators.

Signing is part of strong-naming, and that allows assemblies from different suppliers with the same name, and different versions of assemblies to co-exist.

The only 'protection' signing offers is that it is not possible to create a 'fake' replacement without access to the original key-pair. Signing adds a digital signature to your assembly (visable as the Public key token).

Henk Holterman