I'm not sure I understand your threat model. True, ':0.0' doesn't
give you an encrypted connection. However, what it gives you is,
according to the X window system overview man page, "the most
efficient way of communicating to a server on the same machine".
Usually, this is a Unix-domain socket --- /tmp/.X11-unix/X0 or some
such thing. So, if you're worried about someone sniffing packets,
there's no need; the kernel's TCP system never even sees the data,
much less the Ethernet driver.
So, I'm not sure I see how an attacker might observe this data in
transit unless they can read kernel memory. But if they can do that,
then you're totally compromised anyway --- in particular, ssh's
encrypted wrappers around X are no help at all, because ssh ultimately
does have to make unencrypted connections to the X client and server
at the endpoints.
rst