We want to redistribute code-signed assemblies to our clients because we have been confronted to very restrictive antiviruses, and have had success mitigating this by signing our assemblies. We wish to sign as few external assemblies as possible, so we try to get assemblies signed by their vendor as much as possible.
We want to upgrade to .NET 6 (7), not 3.1.
We don't see any reason why code-signing would be less of a common practice with .NET Core than with .NET Framework, if anything, it should be the other way around.
We don't distribute code-signed copies by default because a while back, machines without internet access that would try and validate a signed assembly could experience a delay in application load times as the validation check timed out. We are not sure if that is still an issue in .NET or not.
According to this KB, this was an issue with .NET Framework 2.0, which was fixed back in 2007. We remember having this issue with your assemblies, and in our memory it was indeed around 15 years ago so everything seems to coincide.
Anecdotally, right now in the 2400 external assemblies we redistribute, 2155 are code-signed by their vendor.
[Modified 5 months ago]