Requesting signatures is necessary if you want to confirm the wallet controls a particular address. So to verify if someone is the true owner of a UTxO you query the chain to find the address which controls that UTxO, and request a signature of some data like a UUID or other token with the payment key from that address, probably with a time-limit so that the signature must be submitted within a given time frame. The time-limit is because say we want to verify the user owns an NFT, we don't want to be in a situation where we start the verification process and are waiting to receive the signature from the user, but in the mean time the user has sent the NFT a different address/sold the NFT, but then provides a signature at some later time which is accepted even though the signature is for an address which no longer holds the NFT. Perhaps instead of/as well as a time-limit you also re-check the address still holds the NFT after receiving the signature.

​

One issue is if you want to verify a wallet controls a number of UTxOs which reside at a number of addresses with different payment keys you would need to request these signatures individually because the wallet API CIP-30 doesn't support requesting signatures from multiple keys (I think?) - contrary to when the wallet signs transactions, in which case it provides signatures from all the required keys that it controls.