There was a discussion with @jehunter5811 and @tautvilas in the slack channel that I would like to continue here:
The question was how to sign a text with the main blockstack private key (
ownerKey) such that 3rd parties can verify the signature using the blockstack name. It should be simple, using an app private key seems to be too difficult because the signer has to communicate the app domain additionally.
Only the CLI has access to the
Should the blockstack browser have a feature to reveal the
Should a user use the
ownerKey for signing at all? If not, which keys could be used for signing? Where would the blockstack browser publish these signing keys? In the DID Document in the publicKey property? Then the verifier can go through the list of keys and try them to verify the signature. Does that make sense?