During development process we have to sign strong name with our application. But it is not good practice in the security point of view. For that, we can sign it later. It is called delay signing.
Following steps are involved in delay signing.
1. First get the strong name key.
2. After that, annotate the two attributes from system.reflection. AssemblyKeyFileAttribute, which passes the strong name with the public key as a parameter to its constructor. AssemblyDelaysignAttribute passes true value as a parameter to its constructor.
The compiler insert the public key into the assembly manifest and reserve space in the PE file for full strong name signature. So that other assembilies that referece this assembly can obtain the key to store in their own assembly reference.
While delay signing, we should turn off verfication for an assembly.
sn -Vr myassembly.dll
Just before shipping, we have to sign the real strong name with assembly using the -R option.
Sn -R myassembly.dll testkey.snk