On Fri, Mar 27, 2015 at 11:50:44PM -0500, Massimiliano Pala wrote: > I do not really feel > comfortable adopting OIDs that are under the control of a single > organization. Would this be a first case ? I don't see any possibility of "control" of a leaf OID once it is assigned. All that organizations control s the issuing of new OIDS under particular prefixes, and their prerogative is basically limited to avoiding collisions with other people assigning OIDs under their respective prefixes. Once you publish an OID as fit for a particular purpose, you cannot take it back. So I see no risk here. MIT's and Microsoft's OIDS are used in Kerberos, for example. This has not and cannot cause any problems. -- Viktor.