Yes, it requires that the validation key exist only in SGX. Why is that bad? The enclave generates the key, seals it and exports it. The sealed key can be unsealed and used by the enclave for validation. It can also be backed up and restored on a new machine running the same enclave. The validator never needs direct access to the validation key because it can always validate in SGX as long as it remains compliant with the above policy.
Also keep in mind that the validation key is not the withdrawal key. The validation key must be online, so it seems safer to keep it in SGX where it is used with some sanity checks. The withdrawal key is never kept online and is not needed by SGX.