>Also, remember that a signature merely proves the signed data and the >public key were accessible to a computational device at the same time. >This is a LONG stretch from actually meaning you signed it intentionally. >See Schneier's "Secrets and Lies", there's a whole chapter on this point, >or just wait till somebody you know gets nailed with the next >Sobig/Nimda/Klez >or whatever, and ask if any of the mail they sent out was intentional. ;) You are telling if someone else was given a certificate in my name and signed a virus code and distributed it. I would go to jail for it because it was signed in my name. I would challenge the law altogether and fill in a complaint against the government for this.