What is Delay signing ?
During development process you will need strong name keys to be exposed to developer which is not a good practice from security aspect point of view.In such situations you can assign the key later on and during development you an use delay signing Following is process to delay sign an assembly: √ First obtain your string name keys using SN.EXE. √ Annotate the source code for the assembly with two custom attributes from System.Reflection: AssemblyKeyFileAttribute, which passes the name of the file containing the public key as a parameter to its constructor. AssemblyDelaySignAttribute, which indicates that delay signing, is being used by passing true as a parameter to its constructor. For example as shown below: [Visual Basic] [C#] [assembly:AssemblyKeyFileAttribute(“myKey.snk”)] [assembly:AssemblyDelaySignAttribute(true)] The compiler inserts the public key into the assembly manifest and reserves space in the PE file for the full strong name signature. The real public key must be stored
Delay signing is signing an assembly with its strong name public key, which is freely distributable, instead of using the private key as usual. This allows developers to use and test a strong-named assembly without access to the private key. Then at a later stage (typically just before shipping the assembly), a manager or trusted keyholder must sign the assembly with the corresponding private key.
