Secure enclaves (which seem to be a part of this proposed enhancement) should not really be required. If the address space segregation of the OS and the hardware it runs on is adequate, then it should not be possible for one process to spy on another, much less alter the memory contents.
Of course, it your processor or memory segregation had flaws which weaken the OS's protections, as has been repeatedly demonstrated on Intel (and other) processor families, then this may be a mitigation.
So it sounds like a hack to overcome other flaws in their own processors.
The other issue of trusting the code that runs is a different issue, and there are many ways of doing this. What this protocol does is allow a client to check that the server-side code is untainted, which may have some merit if you can't trust that the servers you're talking to. But it seems to rely on a third party (the CA), and that has issues such as denial of service attacks.