A Key Certification Authority (KCA) is a trusted entity that typically maintains a secured database of complicated messages
signed with a KCA private key. In practical implementations, the composite messages contain the user name, the user 's public key, and some other information
about the user.
When the invoked application receives the user's signed message, the application verifies the public key received with the message by comparing it to the public key stored in the KCA database.