Exactly. "Did this email originate at $server" is what DKIM and SPF are meant to solve and IME they work well. Setting them up is not particularly difficult and there is a wealth of open documentation about it.

The point is "proving" something without showing them the proof. E.g. someone Company X trusts looks at the documents or etc and sends a signed confirmation that they confirm X, Y, and Z about Person A.

The point being that Company X does not have a copy of the sensitive information (and neither the liability of losing it) and the Digital Notary would (in theory) have better procedures for properly deleting or storing the data as needed.