I've not heard nor seen of a better design, alas, but the security is badly needed with Windows machines giving the tens of millions of infected botnet PCs, many of which utilize rootkits or boot tinkering.
Won't certainly dispute that.
Keys seems to be the only route security seems to be working with, and until a better method is devised issues like this one will continue to crop up every now and then.
ARM uses a chain of trust method based on a public key signature protocol, for which
Ellipsys-SB was developed. There's also the
AEGIS secure bootstrap process (pdf link), developed at the University of Pennsylvania.
These are two examples, of which I'm unsure of their comparative capabilities to UEFI SB own implementation. There are indeed other methods that can be applied that don't need to rely on a CA and that, by virtue of this, don't segregate operating systems based on their licensing limitations.
InfoWorld published yesterday a summary of an ongoing debate between Red Hat and Microsoft over this very issue.
Worth a read. Clicking on the links therein is also a must. Personally I think Red Hat is taking this the wrong way. I don't see this as a Microsoft move to remove competition from the PC platform. Makes very little sense that reasoning to me. It however is true that Microsoft certification program hasn't done anything to force OEMs to add on/off functionality. One would expect this to be a requirement for the Logo Program.