the security of FDE relies on inability to boot things that are not measured, which can fake a TPM prefix attack. Meaning if one trusts keys, that one cannot fully control there is risk that the owner of the key has signed something that may be abused to bypass FDE.
Thus to achieve full FDE security, UC20 gadget uses shim signed by an Online UC20 key chained to Canonical controlled UC20 CA. Thus a device manufacturer can ship UC20 key in KEK & DB, and be sure of uncompromisable security of the system. No other systems, but UC20 will able to even start bootloader on such systems.
However, majority of hardware out there do not have UC20 key in db, and thus the default gadget with such UC20 signature will not boot at all anywhere. Therefore we made a dual-signed shim, which in addition to the UC20 signature, has a signature chained to teh Microsoft 3rd Party Root CA (aka UEFI 2011 key). This key is widely shipped on many SKUs out there in db, allowing to boot & install UC20 out of the box. However, such systems rely on cooperation between Canonical & Microsoft to sign the shim, but also to sign dbx updates with revocations of vulnerable binaries that allow FDE bypass.
If your goal of your device to boot with MS UEFI 2011, you can choose to strip Canonical UC20 signature, or only ship shim signed by MS UEFI 2011 key like it is shipped on classic ubuntu.
The dual signed shim signed by both Microsoft and Canonical UC20 key is available from UC20 Staging PPA : “Canonical Foundations Team” team PPA, in deb format only. This is the archive that is used during gadget building.
So dual-signed shim is used to boot on different hardware - secure hardware that only allows booting UC20 and nothing else; and more widely available hardware that will boot anything signed by MS ever including UC20 (there really is a lot of things singed by MS UEFI 2011 key, like every Ubuntu release since 12.04 LTS!)