Their secure boot specific FAQ doesn't say anything like that and specifically references Matt Garrett's documents on the matter. Fedora obviously doesn't think there is anything wrong with signing a GPLv3 GRUB2 and the FSF links to it as their explanation.
There is another thread along the same lines here https://lwn.net/Articles/504015/. A vendor shipping a signed, boot locked, GPLv3 GRUB2 would be a pirate, distributing without a valid copyright license. There are many way ways to resolve that, recalling/refund/RMA of hardware, a firmware update, etc where disclosing the private signing keys is the least likely method to achieve compliance, although it is a valid one.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds