Also, remember that a signature merely proves the signed data and the
public key were accessible to a computational device at the same time.
This is a LONG stretch from actually meaning you signed it
intentionally.
See Schneier's "Secrets and Lies", there's a whole chapter on this
point,
or just wait till somebody you know gets nailed with the next
Sobig/Nimda/Klez
or whatever, and ask if any of the mail they sent out was intentional.
;)
You are telling if someone else was given a certificate in my name and
signed a virus code and distributed it. I would go to jail for it
because it was signed in my name.
I would challenge the law altogether and fill in a complaint against the
government for this.