Data authentication and user authentication are closely linked in the sense that it is often an individual (e.g., the author) that certifies the authenticity. In the case of a digital signature system, there needs to be a way to associate an individual with their public key. The usual way of doing this is through the key certification authority, who verifies the identity of the individual through some independent means. The user can only sign information by remembering the secret key and using it in the signing process, but they no longer need the certification authority to be available for the signing or verifying process.
An alternative procedure might be to use biometric authentication techniques to identify the user at the time of signing. Such a system can be built using an on-line signing service to accept the biometric measurements, and if the identification is positive, to use the secret key on behalf of the user to generate the cryptographic binding of the document to the identify of the user. This has the advantage that the user need not be responsible for keeping secret keys, but it has the disadvantage that the signing authority needs to be online.
A more serious potential problem is that the ``template'' against which the biometric measurement or observation is compared is sensitive information, and cannot generally be made public because it can open the system to impersonation attacks. This is essentially the same problem as that of passwords, that the information used to verify identity is sensitive, and needs to be protected. This implies also that unless public key cryptography is used, the signing authority needs to be online whenever the authenticity of a signature is validated. This severely limits the transferability of authentication information from one system to another, and can potentially lead to a bottleneck and single point of failure in large systems. This will be a big problem with a distributed network consisting of machines within different administrative/security domains. I therefore believe that biometric authentication is better suited to user authentication than data authentication.