This is an interesting one I stumbled upon today, I'm setting up a new TFS Build Server for VS2010 SharePoint projects and decided to re-visit a problem we've had for a while. We delay sign our assemblies with a public key and have key verification skipping on our dev servers, then fully sign the assemblies on the build server with a potected key.
To do this in the past we had to hack each csproj file and put a choose switch in to change the signing settings for debug and release build modes. This is quite annoying especially for solutions with many projects.
I decided to revisit this and after some googling and finding snippits of information about the TFSBuild.proj file, I found that properties can be substituted during the build server:
Adding a semicolon separated list of key/values in the <Properties> block under the <SolutionToBuild> block does the trick.