I have a question for the network security gurus out there.....

We have a 3-firewall structure:

        \                \                \
Inet  /   DMZ1   /  DMZ2   /  Core
        \                \                \
        /                /                /

The \ represent the firewalls.
Inet is the internet and core is the core network.

The current debate surrounds 2 architectures:
Arch 1:  
    DMZ1 houses multiple hardened web servers.
    DMZ2 houses the App Servers, LDAP Servers, etc.

Arch 2:
    DMZ1 houses a hardened reverse proxy.
    DMZ2 houses web servers, LDAP servers, App Servers, etc.

Any thoughts on the pros/cons of either approach?