Note, this makes the system more secure, because the manufacturer is no longer a single point of failure, and a compromised key can be rotated by the account owner.
As long as the system is fully auditable and open source, I’d be happy. Having the keys be external is a big plus, assuming that is fully auditable as well. Having no “management engine” is a big plus too.