I don't see a big issue here. Most workstations are bought with an OS pre-installed simply because it is legislated. Corporations wipe them and re-install their own 'flavour' of the OS - even if it is the same version. And many private buyers do too. We install our own flavour of the OS regardless of what came on the PC. We buy workstations with 'Home' editions and install 'Pro' editions (legitimately) ...
One of Microsoft's more evil policies is that corporate bulk Windows licenses are only upgrades. Thus, you cannot (legally) install a volume license on a naked machine. Thus, you need to buy a system with an OEM license only to blow it away with the corporate version. This means that you have to do exactly what you are doing (buy systems with preinstalled OSs) in order to remain in compliance with the license.
We will not be buying hardware that doesn't come with the PKI Key declared - and I doubt that any of the serious vendors (eg Dell, IBM, Toshiba, etc) would ship equipment without the PKI Key clearly identified on a sticky label on the box.
Having the public key will not help you here unless you simply want to insure that you can install an OS the vendor approved. Knowing the public key will allow you (and the bootloader) to verify and OS, but not to make a new one. If you want to be able to install another OS, you either need the means to add a public key of your choice the the system, or limit yourself to operating systems that have been signed by the system vendor.