PEP 770: Improving measurability of Python packages with Software Bill-of-Materials

That’s your call as PEP author, but probably? I do know, though, that PEP 639, Round 3: Improving license clarity with better package metadata - #174 by abravalheri is asking for a reference implementation for verifying the glob pattern meets the spec which we should do if we are going to have more standards rely on it.

Good question. I assumed the keys would also need to be standardized, so that’s a bit of a guard rail so people don’t toss random files into random places. Is there any reason to not start with the assumption that [additional-files] will only pertain to .dist-info but can be changed later if we find it’s too strict? Or do we even need to define this upfront and we all just have shared expectations for the purpose of the table so we know what we are bringing into the pyproject.toml spec? Otherwise we can just avoid being general and just have an [sbom] table if people are too worried about planning for the future that might not be.