QubesOS does a lot of good things, but Secure Boot is sort of a nonnegotiable for a lot of security profiles because its one of the few ways you protect boot.
I'd be interested to hear from someone more in the know why they haven't implemented it yet.
> Anti Evil Maid is an implementation of a TPM-based dynamic (Intel TXT) trusted boot for dracut/initramfs-based OSes (Fedora, Qubes, etc.) with a primary goal to prevent Evil Maid attacks.