There is no money arriving in Microsoft's pocket, the key is bought from Verisign. Microsoft is in here only for one reason. Any board out there that comes with Secure Boot implemented will already have the Microsoft key in the ROMs, so using that key to sign your own bootloader/kernel is the logical thing to do to get maximum compatibility with all boards. This is not playing by Microsoft's rules.
Also, see it from a commercial view. Fedora is a testbed for RHEL. Not long in the future Secure Boot will be a requirement in large companies and Red Hat has to support it or they will have serious problems.