One thing that occurred to me here is that we haven’t yet talked much about how this would affect lockfiles - and specifically the proposal at Lock files, again (but this time w/ sdists!). I would be very cautious about approving any proposal that didn’t work with lockfiles - regardless of where we are on standardisation, they are an important feature used by a large part of the community.
In particular, if we had a package with multiple wheels depending on, say, CPU instruction set, how would we handle creating a lockfile? Would the lockfile only contain one variant (and if so, how would it specify the CPU instruction set(s) it was valid for), or would it contain all variants (in which case how would tools like audit scanners and lockfile installers that don’t have a full resolver know which wheel would actually get installed)?
The lockfile discussion is still at pre-PEP stage, so there’s no “official lockfile spec” to consider here, but the linked thread contains a lot of questions like this which existing lockfile solutions are having to consider, and which any spec will need to provide answers for.