I don’t think that helps at all. We already know how to consume that securely, we do it billions of times a day in web browsers.
> the inbox should work on an invite only basis. Basically you should pre-authorize the senders just like you add someone as friend on a social network.
Yes. A fundamental problem with email is that the only thing required to send email to somebody is knowledge of their email address, which as a recipient you cannot control. This is what enables spam and phishing. This needs to be changed so that in order to send email to somebody, you also need their consent. A “friend request” mechanism is one way of achieving this.
I think this is a problem that can be feasibly solved in a fairly reasonable way, and I sketched out a protocol for doing so a while back, which I described in more detail in this comment:
But then you’re left dealing with spam “friend requests”, which is still something I have to take action on, filter out, or ignore — same as spam email.