I'm not going to present a moral argument (what is a moral argument in this context?), only two direct rebuttals of your objections:
1. DKIM provides neither truthfulness nor objectivity. It's a signature mechanism used between mail servers to reduce spam. For implementation reasons, most DKIM users sign with RSA keys that are either currently crackable or will be crackable in a matter of years. Consequently, "signed" emails that are leaked years after their alleged transmission provide a false sense of non-repudiation.
2. Per 1, these emails are already impossible to authenticate after a period of time. This just makes the expectation more explicit. More generally, however, this just isn't a fruitful (or intended) application of DKIM: if the government wants to obtain evidence of a crime, they're going to subpoena the email provider and retrieve the originals. If the suspected criminal is sufficiently important, they'll use pointier methods. The outcomes of our criminal justice system intentionally don't hinge on the validity of a few DNS-published RSA keys.
First: I don't think Matthew Green "resorted" to anything. I think he chose the blackmail example because it's easy to understand on a personal level: we all use repudiatable protocols in other contexts (like Signal), so why wouldn't we want it on our emails?
Second: That's not how blackmail works. It's contingent on what the extorted party thinks, not the cryptographic integrity of the blackmail material. That's why mass blackmail spam campaigns (that DKIM fails to prevent, ironically enough) are remarkably effective. Publishing DKIM secret keys after their expiry doesn't magically prevent blackmail; it just removes one more tool from the blackmailer's toolbelt for instilling fear in the target.
The problem is that it's not clear about it. It looks like it does quite a bit, and the counter-argument boils down to "someone could have cracked the secret key", which everyone always is told is the thing that is impossible. So you get plenty of people believing and claiming DKIM can do that. This would be fixed by obviously breaking it.