Well, the licensing issue is clear, in our case it is all about security. Rebuilding and self signing would be definitely an option, but if there are other dependencies to packages in, this gets a bit cumbersome. In addition, rebuilding is sometimes not that easy (as it should be?) as I did not manage to rebuild SharpDx as an example. There are sometimes not so well documented dependencies to whatever toolsets and special gimmicks needed.