The development goal of compatibility with Microsoft Secure Boot has already been accomplished.
Quote:
Kicksecure Secure Boot Compatibility
Platform specific.
- Kicksecure: Kicksecure is compatible with computer hardware provider default (Microsoft) provided keys. Disabling Secure Boot is optional. However, if the user keeps Secure Boot enabled, DKMS key enrollment is recommended, which is documented below.
- Kicksecure for Qubes: See Qubes Specific.
This is a usability feature. It follows usability principle “reduce cognitive load”. Some article that I just found on the topic that summarizes the principle for reference what I mean by that: Design Principles for Reducing Cognitive Load | Marvel Blog - Marvel Blog
This is to reduce the challenges of for a first time Linux user to avoid having to guide them to go into their EFI settings to disable Secure Boot, which can be confusing, overwhelming and a blocker to Linux adoption.
Therefore no policy changes planned.
Secure Boot / full Verified Boot - without Microsoft keys - is also in development. Reference: