That's currently just an idea in the 'Open questions' section of the spec, but there is already pushback against it from others closely involved in the spec & discussion around this (
https://github.com/RupertBenWiser/Web-Environment-Integrity/...) and notably the attestation feature Google already shipped on Android for native apps in the same situation does _not_ do this.