The question really revolves around who decides what is a release, doesn't it? If that is so, I think the releases should be signed with a personal key of the one actually being responsible for the release. If there are multiple persons responsible for creating releases there is nothing wrong with them sharing the key, except for higher risks of having to revoke/re-issue the key if one of the members of this group leaves.
In a broader scope, one has to admit, that .net doesn't really cater for re-using assemblies between multiple installed applications. Look into your SxS folder! So another way would always be for the distributor of the assembly to sign it with his own key. e.g. if a project uses log4net, it should sign the log4net assembly with its own key to take responsibility for its contents.
