Well, their Second Life keys. Not their door keys, I imagine they are still concerned about those.

afaik no one ever managed to spoof someone else's key so (compared to say, stealing their logon) it became a non-issue.

Well, yes, it was always a non-issue, but it used to be the case that compiling name-to-key lists was thought very shady behaviour. By some.

Some people feel that all behaviors other than their own are shady behaviors.

Sometimes shady people. Well, I shall skip the "why keeping keys is not Evil" part of my MySQL/PHP/LSL/kitten tutorial then.

I assumed keystroke logging, i.e. recording another person's keystrokes (to steal a password, etc.)

Name2key databases are quite handy. I use one for the Deliverator, without the DB it couldn't find anyone to deliver to.