软件发行者经常会使用一个发行者证书对其所有应用程序中的程序集进行签名。如果选择信任该发行者，则将信任他们的所有用其发行者证书签名的程序集。或者，软件发行者可以在其某些或所有程序集中包含一个程序集公钥。与发行者证书不同，您不能跟踪此公钥的所属权。因此，在基于程序集公钥信任所有程序集之前，请确保您信任该公钥的来源。

A software publisher will often use one publisher certificate to sign the assemblies in all of their applications. If you choose to trust this publisher, all of their assemblies signed with their publisher certificate will be trusted. Alternatively, a software publisher can include an assembly public key in some or all of their assemblies. Unlike publisher certificates, you cannot trace the ownership of the public key. Therefore, before trusting all assemblies based on an assembly public key, make sure you trust the origin of the public key.