[bri3d]

I think the idea behind the signed bootloader is that the kernel that the bootloader loads will then be trusted as well. In this way the chain of trust moves up the boot stack and the risk of an early-boot / kernel rootkit can be minimized, especially if the kernel also tries to verify the authenticity of all modules it loads into kernel space (which Windows already does and has for quite some time - please note that I specified "tries").

I don't think this will affect corporate Windows installations as you'd presumably be installing a signed kernel and signed drivers - as the post above yours states, it's very rare to use a non-Microsoft-supplied kernel and unsigned drivers in the corporate environment today.

Signing a Linux bootloader could be perceived as a potential breach of this trusted boot process, as Windows could then potentially be loading in an emulated environment created by a malicious GRUB module or the like. Chances are, nobody subscribing to Trusted Boot will ruin their marketability by either a) not providing a way to disable the trust verification or b) not signing a Linux bootloader. However, that possibility is what has the rash of speculative "Linux won't run anymore!!!" articles running around the internet this week.

More solid info on the trusted boot process can be derived from:

http://lanyrd.com/2011/bldwin/shkft/