As by the specification, the platform is initially in "setup mode", with no public key is installed. After the first public key half of the "platform owner" has been enrolled, it switches to "user mode". Except "platform owner" is really Microsoft, not you. It does not take any privileges or authentication to install their key, and that is just what Windows8 install does, without asking.
There's already 2 Linux distros going to support secure boot and no reason why others can't follow. And part of the standard is that users must be able to disable it if desired, so no problem at all there.
In "user mode", the platform only allows execution of signed software, and installation of public key halves that are signed by the already installed key. Which is a key controlled by Microsoft. You can clear the key by writing a zero key that again must be signed with the installed key. Which means you can only regain access to your computer if Microsoft lets you.
Are you talking about ARM or x86?