key certification authority (KCA)

A Key Certification Authority (KCA) is a trusted entity that typically maintains a secured database of complicated messages signed with a KCA private key.

In practical implementations, the composite messages contain the user name, the user's public key, and some other information about the user.

When the invoked application receives the user's signed message, the applicationverifies the public key received with the message by comparing it to the public key stored in the KCA database.