Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-3471

Investigate Nuget Package Signing

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?

      In 2018 Microsoft introduced the ability to sign NuGet packages, which allows consumers of those packages to verify package integrity and authenticity. (This is separate from strong-naming of assemblies.) More information can be found in the announcement including code signing certificate requirements, certificate registration with NuGet, and how sign a NuGet package.

      https://devblogs.microsoft.com/nuget/introducing-signed-package-submissions/

      The actual work of automating NuGet package signing will be done in CSHARP-3050. This ticket will investigate and prototype signing of our NuGet packages to ensure that we have the correct type of code signing certificate, determine if we will use author signatures or repository signatures, and iron out any other details required in the signing process.

            Assignee:
            Unassigned Unassigned
            Reporter:
            esha.bhargava@mongodb.com Esha Bhargava
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: