Section 41

Section 41 defines the act of acceptance of a Digital Signature Certificate and the legal representations that acceptance entails. Acceptance is established by conduct: publishing the certificate, authorising the CA to publish it in a repository, or otherwise demonstrating approval. This is significant because it means acceptance is not just a formal signed form — any act of making the certificate available to relying parties constitutes acceptance. The representations triggered by acceptance are subscriber-facing counterparts to the CA's Section 36 representations. By accepting, the subscriber certifies to all who reasonably rely on the certificate three things: first, that they hold the corresponding private key and are entitled to hold it (ruling out stolen or fraudulently obtained certificates); second, that all information they provided to the CA and all material in the certificate is true (ruling out identity fraud in the certificate application process); and third, that all information in the certificate within the subscriber's knowledge is true. These representations run to relying parties — not just to the CA. A subscriber who accepts a certificate while knowing that information in it is false, or while having no right to the private key, makes false representations to every party who subsequently relies on that certificate. This exposes the subscriber to civil liability for damages suffered by relying parties and potentially criminal liability under Sections 66C (identity theft) and 66D (impersonation using computer resources).