Summary
An assembly is the basic unit of versioning, culture, and deployment. Your source code is ultimately assimilated into an assembly that becomes available for distribution.
From the assembly consumer's perspective (the external view), an assembly contains the following:
Type metadata (describing the properties, methods, and fields of each type defined in the assembly).
MSIL code (the implementation of each type defined in the assembly).
Assembly manifest (describing overall information about the assembly).
Resources (e.g., strings and bitmaps).
From the assembly developer's perspective (the internal view), an assembly consists of one or more executables (PE files) called modules, each of which contains type metadata (optional), manifest, resources (optional), and MSIL code (optional). One module is designated as the holder of the assembly's manifest.
The assembly's manifest contains information such as name of the assembly, its version and culture settings, the list of files in the assembly, its public key (if any), the list of referenced assemblies, and so on.
The assembly's type metadata contains complete information on types that are present in the assembly. This type metadata can be obtained programmatically using Reflection APIs.
In case of a single-module assembly, the module itself designates the assembly. This is by far the most common case for an assembly.
An assembly can also embed resources (e.g., strings or images) or can have links to external files such as HTML pages. Assemblies storing just the resources for a specific culture are called satellite assemblies.
Assemblies can either be private to an application or can be shared by multiple applications.
A shared assembly has to be installed in the GAC. To ensure that a shared assembly has not been tampered with, it has to be signed using a public–private key pair mechanism. Such a signed assembly is referred to as a strong-named assembly.
A strong-named assembly contains a digital signature based on the public–private key pair. The common language runtime can verify this digital signature using just the public key. This guarantees that an assembly has not been tampered with after it has been shipped.
The .NET Framework has gone to great lengths to ensure that assembles are not subject to the traditional software deployment problems such as DLL hell.
The assembly resolver undergoes a series of steps to locate and bind any assembly that needs to be loaded. If an assembly could not be located for some reason, the resolver writes the failure information in a log file that can be viewed through the assembly binding log viewer.
The runtime's assembly binding behavior can be customized by means of configuration files. The configuration files can be either created for a specific application, or the vendor of a shared assembly can specify its configuration using publisher policies. Yet another option is to administratively define a configuration at the machine level.
It is also possible to turn off publisher policies for a specific application using the application's configuration file. This mode of operation is referred to as safe mode operation.