Multi-level certificate authorities...
Posted Oct 27, 2025 19:46 UTC (Mon) by hailfinger (subscriber, #76962)
Parent article: BPF signing LSM hook change rejected
The fun thing about only signing the loader with a specific key is that the signer cedes full verification and enforcement of allowable code to another entity (the loader) which may or may not use the same key or rules.
This is like having Microsoft sign the shim which loads GRUB. That way, Microsoft can disclaim any responsibility for code run on such a system after shim was loaded. We have similar situations with intermediate certificate authorities which get delegated full power from the root CA to sign anything they want. Obviously, that increases flexibility as well as attack surface. We had rogue intermediate CAs in the past; let's see what delegating this responsibility gets us.
