They managed to get the signature to bypass SB? If so, great for them. But are they under a contract to not reveal the key? Because what's stopping them from giving it away to other distros? Or, what's stopping other distros from just taking the same files involved that make the key operate? If other distros are able to use this and assuming the signature applies to pretty much any device made, why does FSF care about stopping SB? Obviously I know the answer to that question if the sig is locked with just Ubuntu and Fedora.
You don't get the key, Microsoft just send you back a signed copy of the binary you sent them. If you don't want to deal with Microsoft yourself, just use the version from http://mjg59.dreamwidth.org/20303.html