Improving Web Application Security: Threats and - CGISecurity

Chapter 7: Building Secure Assemblies 157Delay SigningIt is good security practice to delay sign your assemblies during applicationdevelopment. This results in the public key being placed in the assembly, whichmeans that it is available as evidence to code access security policy, but the assemblyis not signed, and as a result is not yet tamper proof. From a security perspective,delay signing has two main advantages:● The private key used to sign the assembly and create its digital signature is heldsecurely in a central location. The key is only accessible by a few trustedpersonnel. As a result, the chance of the private key being compromised issignificantly reduced.● A single public key, which can be used to represent the development organizationor publisher of the software, is used by all members of the development team,instead of each developer using his or her own public, private key pair, typicallygenerated by the sn –k command. To create a public key file for delay signingThis procedure is performed by the signing authority to create a public key file thatdevelopers can use to delay sign their assemblies.1. Create a key pair for your organization.sn.exe -k keypair.snk2. Extract the public key from the key pair file.sn –p keypair.snk publickey.snk3. Secure Keypair.snk, which contains both the private and public keys. For example,put it on a floppy or CD and physically secure it.4. Make Publickey.snk available to all developers. For example, put it on a networkshare. To delay sign an assemblyThis procedure is performed by developers.1. Add an assembly level attribute to reference the key file that contains only thepublic key.// The keypair file is usually placed in the project directory[assembly: AssemblyKeyFile(@"..\..\publickey.snk")]2. Add the following attribute to indicate delay signing.[assembly: AssemblyDelaySign(true)]