There is only one way certain way to prove ownership, and that is by giving your PRIVATE KEY to that someone.
After that moment, both you and them become "owners" of that address as both of you control the ability to sign messages and move funds (if any exist). If one of you discards the private key, and has no physical/mental backup of it, nor any recollection, they lose ownership.
This is a very bad practice, and I think you should not do this under almost any circumstances.
Giving someone your private key can potentially make you look very bad in the future. For example if you publicly state a particular address belongs to you, and the third party later goes on to do some nasty illegal or harmful stuff and that address is involved in receiving or sending a payment for this stuff.
1) Having a signed message that belongs to that public hash does NOT prove you have ownership, it's mearly proves to someone, that you possess that signed message, but you might or might not be the orginal actual signer or owner.
I alluded to this point
previously.
A signed message could be the result of the real owner being tricked into signing a message, or the real owner colluding with a third party, attempting to fraudulently prove they own a UTXO/address they do not own.