This complicates things, but is nevertheless probably a good idea.
We would need one key-pair set which must be kept completely private,
and used for the official binary-only release. An assembly with that
key can be assured to be "pure", and therefore that key set cannot be
released with the source code. (If it were, a cracker could create a
malilicous version of Castle, and it would be indistinguishible from
the real code --- ths defeating the purpose of string naming in the
first place).
Which means we have the choice a) we provide a secondary "faux"
key-pair with the downloadable source code , or b) the source code
won't compile until the user creates thier own key-pair.
Truth,
James
On Mon, Feb 8, 2010 at 10:52 PM, Jonathon Rossi <[email protected]> wrote:
> Do many people put Castle binaries in the GAC. I assume most people would
> ship them in their bin directory, but I just wanted to get a feeling for how
> many people use the GAC.
>
> --
> Jono
--
You received this message because you are subscribed to the Google Groups
"Castle Project Development List" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/castle-project-devel?hl=en.
