Sign the BenchmarkDotNet NuGet package

[wnayes]

This is a request for the BenchmarkDotNet NuGet package to have signed DLLs included. This would reduce friction when trying to use this package in security-sensitive projects/organizations.

My understanding is that such signatures require a certificate purchase, so I would understand if it is not practical at this time to do code signing, but I wanted put the request out there.

[filzrev]

such signatures require a certificate purchase

BenchmarkDotNet is listed as a part of .NET Foundation projects.
So I thought, it can use code signing with key that provided by .NET Foundation.

Example workflow that using code signing with key that provided by .NET Foundation

• https://github.com/dotnet/docfx/blob/main/.github/workflows/release.yml#L57-L74
• https://github.com/xunit/xunit/blob/main/.github/workflows/ci-signed.yaml#L44-L59

[adamsitnik]

So far it was not an issue, as 99.99% of our users don't ship products that depend on BDN (they use it only in test-like projects that are not released)