Not an iPhone developer, so let me know if this does not make any sense.
Is the Facebook public key hardcoded on the app? Since presumably the app needs Facebook to run, they need to be connected to the internet, so maybe there could've been some phone home page where the app gets the key (caches it for some amount of time) and uses that -- it won't fix the issue of Facebook revoking keys, but at least if it gets fixed (with Facebook) you don't have to resubmit an app and wait for Apple.
Facebook can just email Apple to request them to remove the apps from App store. And Apple do entertain such requests. I got one from Twitter. But from my limited experience, the people in charge of this seems reasonable.
I doubt either facebook or developers would be willing to expose their developer credentials / keys on a (mostly) publicly readable page. Embedding it into the app itself seems like the most reasonable solution.
I replied to the other thread, but basically, you're not supposed to put your private key on your iPhone app anyhow, as it can be taken. As for the public key, it is obviously public anyhow.
For Facebook things, you can go through a session proxy instead of using the private key. I'll imagine storing a private key on the app (on the iPhone) is not desirable anyhow. The public key is, obviously, public.
Is the Facebook public key hardcoded on the app? Since presumably the app needs Facebook to run, they need to be connected to the internet, so maybe there could've been some phone home page where the app gets the key (caches it for some amount of time) and uses that -- it won't fix the issue of Facebook revoking keys, but at least if it gets fixed (with Facebook) you don't have to resubmit an app and wait for Apple.