With apologies for the delay (lock files, illness, and a kid turning 1 take up a lot of time), but I’m happy to say that I accept PEP 770!
With the reduced scope to *.dist-info/sboms along with codifying the directories that are reserved in *.dist-info, I don’t think this PEP is controversial. As well, I think it will be useful very quickly for build back-ends to start including SBOMs based on what they use to build what’s contained in a wheel.
Thanks to @sethmlarson for all the work on this and everyone who gave constructive feedback!