Currently, requests can only be used to request messages to be sent to the original secret owner. This is the 'happy case' where the secret was not the thing securing our account itself, so the custodian can be sure they are sending the shard to the right person.
However this is often not the case, and the custodian needs to 'forward' a shard to a new identity.
It is currently difficult to make a request for a forward, because the request message contains the root id, which the new identity will not have access to for the first shard they request.
So here we allow request messages to contain either the rootid or the public key of the original secret owner. It is up to the application to decide how to interpret the latter. Either:
So this PR updates the schema for a request. This is a non-breaking change - original tests still pass.