Secure boot and TPM are good technologies. You can roll your own keys and Microsoft won't have anything on it.

Do people still think you need to have your boot program signed by Microsoft in order to use it?

I also wonder if this sentiment is what stalled development in other more traditional projects like BSD derivatives. I'd love to have FreeBSD with secure boot and loading ZFS keys from the TPM.