I am looking for roughly how to generate new DKIM keys without affecting existing mail. It sounds like the only concern is mail in transit. Is there a common procedure for doing this?
You would generate a new key pair. Publish it in a new selector._domainkey.example.com. Wait for the new selector to propagate in DNS. Update your e-mail system to use the new selector. After a week or so, remove the old selector DNS record.
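
A preflight check for the rotation steps in the answer above, as an added example that is not part of the original thread: it confirms the new selector's TXT record carries the new public key before the signer is switched, and keeps the old record until a grace period has passed. The function names, the placeholder key bytes and the 7-day grace period (standing in for "a week or so") are assumptions; the caller supplies the TXT strings it observed in DNS.

```python
import base64
from datetime import datetime, timedelta

def build_txt(public_key_der):
    """TXT strings for <selector>._domainkey.<domain>; each string holds at most 255 bytes."""
    record = "v=DKIM1; k=rsa; p=" + base64.b64encode(public_key_der).decode()
    return [record[i:i + 255] for i in range(0, len(record), 255)]

def parse_txt(chunks):
    """Join the TXT strings and split the result into DKIM tag=value pairs."""
    tags = {}
    for part in "".join(chunks).split(";"):
        if "=" in part:
            name, value = part.split("=", 1)   # split once: base64 padding also uses "="
            tags[name.strip()] = "".join(value.split())
    return tags

def selector_publishes(chunks, public_key_der):
    """True if the record seen in DNS carries exactly this public key."""
    if chunks is None:
        return False                           # selector not visible yet
    tags = parse_txt(chunks)
    if tags.get("v", "DKIM1") != "DKIM1" or not tags.get("p"):
        return False                           # wrong version, or empty p= (revoked key)
    try:
        return base64.b64decode(tags["p"], validate=True) == public_key_der
    except ValueError:
        return False                           # p= is not valid base64

def next_step(new_txt, old_txt, new_key_der, signing_with_new, switched_at, now,
              grace=timedelta(days=7)):
    """Next action in the rotation, given what DNS and the signer look like now."""
    if not signing_with_new:
        return "switch signer" if selector_publishes(new_txt, new_key_der) else "wait for DNS"
    if old_txt is None:
        return "done"
    # Mail signed with the old selector may still be in transit or queued for retry.
    return "remove old record" if now - switched_at >= grace else "keep old record"

# Constructed placeholder bytes, not real keys. In practice this is the DER public key,
# e.g. the output of: openssl rsa -in new.key -pubout -outform DER
NEW_KEY_DER = b"constructed-new-public-key-bytes" * 9
OLD_TXT = build_txt(b"constructed-old-public-key-bytes" * 9)

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1)                  # constructed switch-over date
    new_txt = build_txt(NEW_KEY_DER)
    print(next_step(None, OLD_TXT, NEW_KEY_DER, False, None, t0))
    print(next_step(new_txt, OLD_TXT, NEW_KEY_DER, True, t0, t0 + timedelta(days=8)))
```
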