First let me say that I agree in principle with the concerns. BUT, I do not agree that this is a Microsoft "issue, problem, power play, etc." but instead an OEM responsibility.

Facts:

"Windows 8 certification requires that hardware ship with UEFI secure boot enabled."

Check. That's a good thing, right?

"Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we've already been informed by hardware vendors that some hardware will not have this option."

Check. Why would Microsoft be responsible for requiring OEM vendors to implement any feature of UEFI? Also, could you elaborate on which hardware vendors specifically have informed you that "some hardware" will not have this option? If not, why not? More detail on "some hardware" would also be helpful.

"Windows 8 certification does not require that the system ship with any keys other than Microsoft's."

Check. Again, why would Microsoft have any responsibility for including a requirement to ship any keys other than their own?

"A system that ships with UEFI secure boot enabled and only includes Microsoft's signing keys will only securely boot Microsoft operating systems."

Well, that's not entirely true - if anything, another omission of truth at best. It should read:

"A system that ships with UEFI secure boot enabled [with no user option to disable] and only includes Microsoft's signing keys will only securely boot Microsoft operating systems." Right?