My application consists of three assemblies: a single EXE which references a couple of DLLs. The DLLs are private to my application - they are used only by this executable.
Should these assemblies be given a strong name?
FxCop suggests that they should - for all of the assemblies it currently produces:
CA2210: Sign <assembly> with a strong name key.
However, this advice says:
In general, you should avoid strong-naming application EXE assemblies.
and
you may want to avoid strong-naming components that are private to your application.
Should I give these assemblies a strong name? What are the benefits of doing so (or not doing so) in this case?
Edit:
Looking at several applications with a similar structure, there seems to be no consensus on this issue. The binaries of Paint.NET and Crack.NET are not strong-named, whereas those of .NET Reflector and Snoop are.
Interestingly, with the Expression suite Microsoft have taken the latter approach: in Expression Blend, for example, they have chosen to strong-name sign both Blend.exe and the accompanying DLLs (such as Microsoft.Expression.Blend.dll).
It seems that I am unlikely to receive a simple answer to my first question: "Should I give these assemblies a strong name?". However, my second question still stands:
Are there any benefits to strong-name signing binaries in this situation? Or, are there any benefits to not doing so?
Edit 2:
If there are no overwhelming reasons to go either way, I am inclined towards giving my assemblies a strong name. I'd thus be interested in whether anyone can expand upon this (from the first link):
"strong-naming can make it more difficult to manage dependencies and add unnecessary overhead for private components."