There are many ways to generate a digital certificate (digital ID) that can be used to sign a document. In your post you are describing what are referred to as "self-signed" certificates. This means that any user can create their own identity (as you have discovered) and sign a document with it. Acrobat and many other utilities are available that can be used to generate self-signed certificates. Using self-signed certificates can be useful in a scenario where you have established some level of trust with the signer. Usually this involves a relationship with the signer where you have explicitly trusted their digital certificate by importing the public key portion of their digital ID. This use of signatures is not suited for non-repudiation, but it does allow you to determine if the document was modified or tampered with after it was signed.
When you need signatures to also guarantee the identity of the signer, then you must implement some type of Public Key Infrastructure (PKI). A PKI handles the creation, issuing and revocation of digital certificates (digital IDs); typically a user must prove they are who they say they are for the system to generate them a digital certificate. VeriSign and Entrust are two examples of PKI vendors. Trust of the signer can then be implicit: you "trust" the issuer (or Certificate Authority (CA)), therefore you trust the signatures generated with a certificate that came from the Certificate Authority. When a certificate is created by a CA, there is a "certificate chain" so you can determine who (which CA) issued the certificate.
I hope this helps clear things up a bit.
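The trust decision described in this answer, as an added example that is not part of the original post: it separates "was the document modified?" from "do I trust who signed it?" for self-signed and CA-issued certificates. It assumes a toy textbook-RSA scheme in place of real X.509 certificates, and the names `Cert`, `issue`, `check_signature`, "Alice", "Mallory" and "Example CA" are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

def keypair(p, q, e=65537):
    """Textbook RSA from two primes (toy: no padding, not for real use)."""
    n = p * q
    return n, e, pow(e, -1, (p - 1) * (q - 1))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):
    n, _, d = key
    return pow(digest(data, n), d, n)

def verify(data, sig, pub):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    pub: tuple      # public key (n, e)
    sig: int = 0    # issuer's signature over tbs()

    def tbs(self):  # the "to be signed" fields
        return f"{self.subject}|{self.issuer}|{self.pub}".encode()

def issue(subject, subject_key, issuer, issuer_key):
    unsigned = Cert(subject, issuer, subject_key[:2])
    return Cert(subject, issuer, unsigned.pub, sign(unsigned.tbs(), issuer_key))

def check_signature(doc, doc_sig, chain, trusted):
    """chain = [signer cert, ..., root]; trusted = certs the verifier imported."""
    if not verify(doc, doc_sig, chain[0].pub):
        return "modified after signing"
    # Pair each cert with its issuer; the last cert is checked against itself.
    for cert, issuer in zip(chain, chain[1:] + chain[-1:]):
        if cert in trusted:
            return "intact, signer identity trusted"
        if cert.issuer != issuer.subject or not verify(cert.tbs(), cert.sig, issuer.pub):
            break
    return "intact, signer identity unknown"

# Constructed sample data: Mersenne primes as toy key material.
CA_KEY = keypair(2**107 - 1, 2**127 - 1)
ALICE_KEY = keypair(2**61 - 1, 2**89 - 1)
MALLORY_KEY = keypair(2**61 - 1, 2**107 - 1)
CA_ROOT = issue("Example CA", CA_KEY, "Example CA", CA_KEY)
ALICE_SELF = issue("Alice", ALICE_KEY, "Alice", ALICE_KEY)      # self-signed
ALICE_CA = issue("Alice", ALICE_KEY, "Example CA", CA_KEY)      # CA-issued
FAKE_ALICE = issue("Alice", MALLORY_KEY, "Alice", MALLORY_KEY)  # anyone can make this
DOC = b"Pay 100 EUR to Bob"
```

A self-signed certificate named "Alice" made by someone else passes the integrity check just as the real one does; only an explicit import or a chain to a trusted CA changes the identity result.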