Use of identifier as public and private keys

Hi again!
I’m playing with the skeleton template and with HTTP JSON API but there is something that seems weird to me.
I’m sorry if the terms public/private keys don’t make sense in Daml but this is the only thing I can refer to.
When I’m creating a contract or exercising a choice on it, I have to use the identifier to create a JWT which will be used to “sign” the contract creation. So we could compare this to a private key.
But when I use the Give choice on the created contract I must specify a newOwner with his identifier too. So this is used as a public key.

So I think I’m missing something about how identifiers work.
If anyone would like to enlighten me on this.

Thanks

When you talk about an “identifier”, do you mean a party identifier or something else?

If that’s the case, I’m not 100% sure that the analogy holds too well. A JWT (JSON Web Token) is “just” a signed piece of text describing authorization rights for the bearer. In Daml 1, the authorization rights are embedded in the token. In Daml 2, the new concept of user management means that the token represents some form of “identity” and the binding between that and the rights is moved to the Ledger API server itself. The only signing involved in the whole process is the token itself.

The party identifier is not really some kind of public key. It’s closer to a telephone number: if you have the party ID, you can (try to) involve a party in a workflow. Whether the party will accept is their choice only and the way in which they can do this is by issuing a command to the Ledger API and providing a token alongside the request.

Does this make sense? Am I getting your analogy wrong?
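
An added example, not part of the original posts and not Daml's own code: a Python model of the Daml 1-style case described in the answer, where the rights travel inside the signed token and a party ID in a choice argument is only an address. It assumes an HS256 shared secret and the `https://daml.com/ledger-api` claim namespace with an `actAs` list; the `Main:Asset` template ID, the contract ID and the secret are constructed sample values.

```python
import base64, hashlib, hmac, json

DAML_NS = "https://daml.com/ledger-api"  # assumed claim namespace for Daml 1-style tokens

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(secret: bytes, act_as: list) -> str:
    """Issue an HS256 JWT whose payload embeds the parties the bearer may act as."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({DAML_NS: {"actAs": act_as, "readAs": []}}).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def parties_from_token(token: str, secret: bytes) -> list:
    """Verify the signature first, then return actAs; an invalid token yields []."""
    try:
        header, payload, sig = token.split(".")
        expected = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return []
        return json.loads(b64url_decode(payload)).get(DAML_NS, {}).get("actAs", [])
    except (ValueError, TypeError, AttributeError):
        return []

def may_submit(token: str, secret: bytes, acting_party: str, command: dict) -> bool:
    """Model of the server-side check. The command is deliberately not inspected:
    party IDs inside command["argument"] are plain data and grant no authority."""
    return acting_party in parties_from_token(token, secret)

# Constructed sample data (not taken from a real ledger).
SECRET = b"constructed-dev-secret"
alice_token = make_token(SECRET, ["Alice"])
give = {"templateId": "Main:Asset", "contractId": "#constructed:0",
        "choice": "Give", "argument": {"newOwner": "Bob"}}

if __name__ == "__main__":
    # Alice may name Bob as newOwner; naming Bob does not let her act as Bob.
    print("Alice submits Give:", may_submit(alice_token, SECRET, "Alice", give))
    print("Same token, acting as Bob:", may_submit(alice_token, SECRET, "Bob", give))
```

In the Daml 2 user-management model the answer mentions, the token would instead carry a user identity and the lookup from user to `actAs` rights would happen on the Ledger API server.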