If anyone actually has access to those keys in a manner in which they could be leaked, that is... utterly terrifying. Like the private keys for root CAs, they likely are under strict access controls making exfiltration quite difficult (hopefully impossible barring multiple levels of process breakdown)
For a first attempt at an ME-less system it would suffice to have them sign a firmware that completely disables it, and while I don't think I've ever heard of a CA leaking its private keys, there are plenty of instances where CAs have issued "rogue" certificates. (Who knows, maybe the NSA has already gotten Intel to sign their own backdoored version...)
multiple levels of process breakdown
...which is exactly the "everyone working on ME decides to defect" situation I mentioned.
If anyone actually has access to those keys in a manner in which they could be leaked, that is... utterly terrifying. Like the private keys for root CAs, they likely are under strict access controls making exfiltration quite difficult (hopefully impossible barring multiple levels of process breakdown)