軟體發行者通常使用單一發行者憑證來簽署他們所有應用程式中的組件。如果您選擇信任這個發行者，以此發行者憑證簽署的所有組件都會受信任。此外，軟體發行者也可以將組件公開金鑰包括在他們的某些或全部組件中。與發行者憑證不同之處在於，您無法追蹤公開金鑰的擁有人。因此，要依據組件公開金鑰來信任組件之前，請確定您可以信任這個公開金鑰的來源。

A software publisher will often use one publisher certificate to sign the assemblies in all of their applications. If you choose to trust this publisher, all of their assemblies signed with their publisher certificate will be trusted. Alternatively, a software publisher can include an assembly public key in some or all of their assemblies. Unlike publisher certificates, you cannot trace the ownership of the public key. Therefore, before trusting all assemblies based on an assembly public key, make sure you trust the origin of the public key.