According to the t-shirt ‘There’s no place like 127.0.0.1’ but one Google engineer queries just how secure this home is.
A Google engineer, Mike West, obviously doesn’t think that the 127.0.0.1 domain is secure enough. West has submitted a standards draft to the Internet Engineering Task Force (IETF) seeking to formalise treating localhost in a secure context.
In his draft, West wants to update RFC6761 so that the localhost domain and any names falling within it resolve to a loopback address. “This would allow other specifications to join regular users in drawing the common-sense conclusions that localhost means localhost” West insists “and doesn’t resolve to somewhere else on the network.”