Assemblies may provide evidence of their own, in addition to software publisher signatures and strong names, by including it as a resource. The “Security.Evidence” resource contains a single Evidence object serialized in binary format. The evidence objects inside the Evidence collection may be of any type, but they may not be any of the standard evidence types listed above. (Including a Publisher identity, for instance, could be used to forge a publisher signature, since this evidence is passed directly to policy without any kind of verification check.)
The LM tool supports adding evidence to an assembly with the command:
LM -e evidencefile
The developer must write code to construct the appropriate evidence objects, collect them in an Evidence object, and serialize them to a file. This file is then included as a resource by the LM command line above.
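The steps above, as an added example that is not part of the original text: a small C# program that builds an Evidence object from a custom evidence type, refuses the standard types, and serializes the result in binary format to `evidencefile`. `BuildOriginEvidence` and `EvidenceFileWriter` are hypothetical names, and the reserved-type list is an assumption drawn from the evidence classes in System.Security.Policy, since the page's own list is not reproduced here.

```csharp
using System;
using System.Collections;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
using System.Security.Policy;

// Hypothetical custom evidence type; evidence objects must be serializable.
[Serializable]
public sealed class BuildOriginEvidence
{
    public readonly string BuildLab;
    public BuildOriginEvidence(string buildLab) { BuildLab = buildLab; }
    public override string ToString() { return "BuildOrigin: " + BuildLab; }
}

public sealed class EvidenceFileWriter
{
    // Assumed list of standard evidence types an assembly may not supply for itself.
    static readonly Type[] Reserved = {
        typeof(Publisher), typeof(StrongName), typeof(Zone), typeof(Url),
        typeof(Site), typeof(Hash), typeof(ApplicationDirectory)
    };

    static void RejectStandardTypes(IEnumerable items)
    {
        foreach (object item in items)
            foreach (Type t in Reserved)
                if (t.IsInstanceOfType(item))
                    throw new ArgumentException("Standard evidence type not allowed: " + t.Name);
    }

    // Collects the items in one Evidence object and writes it in binary format.
    public static void Write(string path, params object[] items)
    {
        RejectStandardTypes(items);
        Evidence evidence = new Evidence();
        foreach (object item in items)
            evidence.AddAssembly(item);   // recorded as assembly-provided evidence

        using (FileStream fs = new FileStream(path, FileMode.Create, FileAccess.Write))
            new BinaryFormatter().Serialize(fs, evidence);
    }

    public static void Main()
    {
        Write("evidencefile", new BuildOriginEvidence("lab-01 (constructed sample)"));
    }
}
```

The resulting `evidencefile` is the file passed to the LM command line shown above.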