I can't believe everyone got this wrong:

There is only one way certain way to prove ownership, and that is by giving your PRIVATE KEY to that someone.

After that moment, both you and them become "owners" of that address as both of you control the ability to sign messages and move funds (if any exist). If one of you discards the private key, and has no physical/mental backup of it, nor any recollection, they lose ownership.

1) Having a signed message that belongs to that public hash does NOT prove you have ownership, it's mearly proves to someone, that you possess that signed message, but you might or might not be the orginal actual signer or owner.

2) Showing that a dust amount from that address has been sent to another address of someone's choice, does NOT prove you have ownership, it only proves that someone, but not nessesary you, is the owner.

A good real life example of the misconceptions of 1 or 2 is all the OTC scams that take place, where the scammer is a man in the middle but appears to be an owner.

If you want to prove ownership of an address that has funds, you move the funds out first, and give out the private key, proving that at one point you possessed ownership of the previous address that had a balance. (Warning: giving out a single private key and xpub key for an unhardened hd wallet derivation can lead to an attacker taking all your wallet funds)