It's d) Tell people they're not allowed to do that!
Seriously, if the solution is a) (unlikely, too sensible), nothing prevents the smart ones to use an older, unfixed version. As for b), detecting tampering, it's very difficult to distinguish between permitted (annotations, additional information) and malicious tampering. On hastily pieced together documents (meaning most of them) it will still be possible to cheat, because a field overflows, or at least is placed in a way allowing you to make believable additions to the otherwise inert main text.
IMHO the only safe way would be to make special, dedicated and certified programs for just that use. They might use PDFs, but they would have to be built in a way allowing you to make sure a document hasn't been unnecessarily tampered with. Separate cryptographic signatures for the different fields (main body, annotations party A, annotations party B, signature party A, signature party B) would be a good start, allowing you to know in a glance what has been changed and by whom. In-document versioning (allowing to know what was there initially) would be useful too.