key storage

My understanding is that Red Hat's signing infrastructure is a physical apparatus, the same approach taken by serious CAs and other public key infrastructure authorities. Such hardware isn't designed to reveal the key via software, because such a feature serves no day-to-day function and has obvious negative security implications. Thus no amount of breaking into Red Hat systems would allow attackers to steal the key (though with enough privileges they could ask the hardware to sign individual packages and they seem to have done this). I don't recall reading anything similar about Fedora's keys so those may not be so well protected -- and the mentions of a "passphrase" suggest that they're just ordinary software OpenPGP keys, easily copied from the filesystem.

If the encrypted Fedora key was stolen then the only things protecting a typical Fedora installation from trojans and similar attacks are a trustworthy communication channel (dubious since they mostly update via HTTP or FTP) and the strength of the passphrase for the encryption. Let's hope they chose well.