There are numerous reasons we require “ClickOnce” applications to be signed. The biggest is to ensure that “ClickOnce” can not be used as an attack vector to propagate viruses to client PCs. By requiring “ClickOnce” deployments to be signed, only the original deployer can publish updates to the application. It also gives us a strong identity to be able to re-use any trust decisions that have already been made for an application when it’s updated.