I am about to deploy a ClickOnce application for internal use. I will be personally handing the application out to a trusted set of users. I understand that it is possible to sign the ClickOnce manifest, but i开发者_开发百科s there a need to when the user trusts the source?
What are the downsides to not signing the manifest or assembly?
You will need to sign the manifest, but there is no need to sign the assembly. You need to sign the manifest so that ClickOnce can uniquely identify the installation (you can install the application twice by signing the application with two different keys).
If you are only doing an internal application, your certificate can just be a certificate you create, it does not have to be trusted.
The only benefit of signing any assemblies would be that ClickOnce can optimize the download and store strongly signed assemblies outside of your applications isolated storage and share the assembly across multiple applications. For example, if you have two applications that both use the same version of NHibernate then ClickOnce will only download the assemblies once.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论