Not really a fan of putting secure boot on. The only purpose that serves is locking the customers out of their purchased hardware. Raspberry Pi is clearly not targeting the maker market with those changes, they want that corporate money and are willing to stick the finger to hackers and makers in the process. Can’t make custom firmware if you can’t boot it.