I think there's an angle to the plausible deniability that many people are missing.
Email servers get hacked all the time, right? A disgusting amount. Its almost like security is really difficult; in fact, its difficult to secure both the emails and the DKIM private keys. They're usually on the same server, after all.
If a DKIM private key gets hacked, and the world relies on DKIM to provide non-repudiation in the verification of email leaks, then a hacker who obtains someone's DKIM private key could forge an email to contain any content they want, sign it with that private key, then leak that. The world says "its DKIM validated, Trump really did kill a litter of puppies twelve years ago", Trump tries to say "no, my email server was hacked, i never did that but they got my DKIM key" and who the hell would believe him? The headlines have already been written, and the argument against it is some crazy technical terminology a hundredth a percent of the population actually understands?
Ok, well, maybe you should rotate DKIM keys. Not necessarily make the private portion public, but at least rotate them and totally destroy the old private keys. But, again, if an email server is misconfigured enough to leak data, then its likely the admin is incompetent enough to also not be rotating keys. Moreover, unauthorized access to a server could happen over a period of years, during which hackers collect the rotated DKIM private keys while letting the admins think they're being deleted correctly.
The problem here isn't really DKIM; its the public's perception of what it was designed for. Technologists invented something, journalists discovered it, read a wikipedia article, and thought "woah we could use X for Y". So, I think it makes sense that we need a big name like Google to come out and say "Stop, this is not what this was designed for, it has major limitations in being used for that, and we're talking about real-world consequences like ruining potentially innocent peoples' lives."
If everyone had a proper understanding of email and was not dumb enough to send out secrets via email, or to at least encrypt the content of those emails...then nobody would believe such a leak to be plausible.
Email servers get hacked all the time, right? A disgusting amount. Its almost like security is really difficult; in fact, its difficult to secure both the emails and the DKIM private keys. They're usually on the same server, after all.
If a DKIM private key gets hacked, and the world relies on DKIM to provide non-repudiation in the verification of email leaks, then a hacker who obtains someone's DKIM private key could forge an email to contain any content they want, sign it with that private key, then leak that. The world says "its DKIM validated, Trump really did kill a litter of puppies twelve years ago", Trump tries to say "no, my email server was hacked, i never did that but they got my DKIM key" and who the hell would believe him? The headlines have already been written, and the argument against it is some crazy technical terminology a hundredth a percent of the population actually understands?
Ok, well, maybe you should rotate DKIM keys. Not necessarily make the private portion public, but at least rotate them and totally destroy the old private keys. But, again, if an email server is misconfigured enough to leak data, then its likely the admin is incompetent enough to also not be rotating keys. Moreover, unauthorized access to a server could happen over a period of years, during which hackers collect the rotated DKIM private keys while letting the admins think they're being deleted correctly.
The problem here isn't really DKIM; its the public's perception of what it was designed for. Technologists invented something, journalists discovered it, read a wikipedia article, and thought "woah we could use X for Y". So, I think it makes sense that we need a big name like Google to come out and say "Stop, this is not what this was designed for, it has major limitations in being used for that, and we're talking about real-world consequences like ruining potentially innocent peoples' lives."