Inline > -----Original Message----- > From: Moderated discussion of advanced .NET topics. [mailto:ADVANCED- > [EMAIL PROTECTED] On Behalf Of Block, Jeffrey A. > Sent: Sunday, July 13, 2003 6:29 PM > To: [EMAIL PROTECTED] > > John, > > Are you actively using this?
Yes, although usually I trust a share, rather than a whole machine. >If so, could you please share more of your > experiences, if you able, of course? I work in a mostly corporate, > Intranet > type environment. So, I have some level of trust and control. It seems > like a good, easy way to deploy applications, but it seems that this type > of > setup is frowned upon, but one I have leveraged in other environments > successfullly. Certainly, if this is a wrong impression, speak up as > well. > I have seen a few Microsoft employees recommend against this approach and favor using a code groups based on strong names. I disagree with the strong name approach for practical reasons. First, very few of the corporate clients I work with have deployed effective public key infrastructures. It is widely viewed as overly complex and bureaucratic, and although I don't entirely agree with that sentiment, it's not a productive battle for an external consultant. On the other hand, almost every company I've worked with has set up file servers with "App" shares where they put apps that have been "blessed" by the corporate system administrators. They have tight controls in place to restrict write access to these shares. It's far easier to explain the "app share" approach than establish the procedures necessary to securely implement code signing. > I was just wondering if some additional "white-paper", (e.g. Winforms vs. > ASP.Net, size of install, transactional, read-only, environment, etc.) > info > would help as well as caveats, etc. as to _why_ this is looked down on > from > anyone else. Seems like a lot of people are trying the no-touch > deployement > features with some degree of success, as am I, but it just doesn't seem > right yet. Maybe its just me, but I see a lot posts regarding the > deployment of applications. Microsoft has done a pitiful job of explaining how to use CAS in a real-world work environment. As far as I can tell, they've made almost no attempt to explain it to system administrators. They seem to think that all companies work like Microsoft where the developers are in charge. > > I did some preliminary testing over the weekend it sure seems to "work" > okay, but what's the catch? Always learning and looking for a better, > easier way...thanks for any thoughts! > > Jeff Block > > >
