I think it would be a good idea to have the IETF (or some organization
speaking
for the IETF process, perhaps ISOC) registered as an "ISO-identified
organization"
(i.e. under the OID 1.3) which would make it easier for any RFC or internet
standard to specify own OIDs in a globally collision-free way if they need it.
The IETF has had its own OID registry for many years now. It is used all the
time to create OIDs for IETF standards documents. Every document that contains
an SNMP MIB has such OIDs in it, for example.
Getting an OID for use in an IETF standard is simple: Send mail to
IANA(_at_)ISI(_dot_)EDU, tell them what you want the OID for, and they send you
one.
Responses are usually within hours if not minutes.
The 1422-defined RevocationList is a good example where you have a lack of
specification when you use PEM in conjunction with an X.500 Directory. To get
registered as an ISO-identified organization is an easy process at no cost,
and
other organizations like OIW or EWOS did it as well.
BTW, this could be a possibility to get rid of the RSADSI-defined OIDs
1.2.840.113549.x.y.z (from RFC 1423 and PKCS) which can be a pain on platforms
with 16-bit integers (for instance, when using the ISODE pepsy-compiler for
ASN.1 encoding/decoding on a MS-DOS platform).
Speaking as someone who went to a lot of trouble to deal with the OIDs in
RFC1327 that do not fit in 32 bits, let alone 16, I don't have much sympathy
here.
Ned