https://launchpad.net/~takluyver
As I understand, you can remove and replace keys *only through the firmware interface* - the "hit F2 as your computer boots" screen. The user has to do that manually: it can't be done automatically by any program or any remote connection to the computer. So it's not a security hole - secure boot isn't supposed to protect against attackers with physical access to the computer.
There are two problems with not offering a signed bootloader. Firstly, new desktop Linux users mostly experiment with installing Linux on a computer that was bought with Windows. The scarier the process looks ("Disable secure boot in the firmware? That doesn't sound safe..."), the more potential users we lose. Secondly, secure boot is a legitimate security feature that can benefit people who wouldn't be prepared to sign their own kernel. They shouldn't have to accept reduced security to use Linux.
It's definitely not an ideal solution. But I agree with Matthew that it's the least-worst option. 'The fight to stop this' probably isn't going to get much traction, even if Fedora & Ubuntu put their weight behind it.
