You could do it many ways, but providing a unique token would be a standard way to do it.
So the Comment
model would have a column called confirmation_token
which you could set to be random when the comment is created and a column called active
which is false by default. Then you send a confirmation email with a link that has that token as a param:
http://www.mysite.com/comment/85/?confirm=<insert confirmation_token>
When that page is visited, you pick up the confirmation_token
in your controller and set the active
column to true if the token in the url matches the token in the database.
This is how many different types of confirmation are done, including most plain vanilla registrations (e.g. through Devise).