Confusion about terminology. What is a principal?

In this page of the documentation it states the following:

Regardless of the development workflow you choose, keep in mind that when you deploy a canister for the first time, either on a local execution environment or on the Internet Computer, a unique principal identifier is created for your canister smart contract.

From reading the glossary I was led to believe that a principal describes a person with an identity, yet the above paragraph implies that the canister has a principal id. Does it mean that a principal identifier can be associated with a canister? i.e. that a principal identifier can be the controller for a canister?

Useful discussion here What is the difference between Account identifier, Principal identifier and Public-Key

Yes, a principalId (i.e. a user) can be the controller. A controller is an identity that has rights to manage the canister. It is usually the textual representation of a principal.

Principal describes an entity (like a legal entity) - an actor in a system which is enabled to perform actions on their own.

I don’t know for sure, but there is an opinion that this term was inspired by Agency agreement terminology. Which seems okay to me, since it is pretty simple to describe a canister like an agent of the agency agreement.


As Principal ID to me, it can be referred to a normal user enjoying IC Dapps, and it can also be an ID for a Canister where Dapps run on it.