I took another look, and I see I didn't realize this section
is just about signers, not about forwarders, so:
I suggest we change the last sentence of section 4 to:
Signers SHOULD NOT remove any DKIM-Signature header fields from
messages they are signing, even if they are unable to verify
those signatures.
Then perhaps add an informative note:
INFORMATIVE NOTE: A message forwarder may remove DKIM-Signature
header fields if it modifies a message in a way that makes it
implausible that a subsequent verifier could verify the
signature, e.g., if it reorders the MIME parts in a message
or flattens an HTML message to plain text.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html