As this proposal is in the name of consistency, is there an argument we
should be strict and explicitly define *which* loopback address DNS servers
must return when queried?
I was intentionally vague on that point, as one of the scenarios raised in
https://github.com/w3c/webappsec-secure-contexts/issues/43 was a developer
who was pointing `project1.localhost` to 127.0.0.1, and
`project2.localhost` to 127.0.0.2 in /etc/hosts (and presumably had a
server configured accordingly). It seems like that's a reasonable thing to
support. Any loopback address is fine with me.
I use multiple IPv4 127/8 addresses all the time. For example, I run
a funky local stunt DNS server on 127.0.1.1 and configure my local DNS
cache to use it for a branch of the name tree. So yes, any loopback
address will do. (We can save the question about a link-local IPv6
address on a loopback interface for later.)
R's,
John