Kerberos is name-centric rather than key-centric, and "principal" is simply a short form of "principal name," i.e., an entity of any sort whose name has sufficient value to be worth (the Kerberos server) binding a key to it. As naming is an open-ended, far harder problem than authentication, we limited ourselves to a problem we could actually solve avoiding the rat-hole of naming by, like all good academics, leaving it to the reader.
Happy New Year, --dan
