Luckily, it requires just a small bit of common sense in this case to "just don't do that, then": when creating a service, just don't use a one-digit code.

As a slight counterpoint to your "no-one looking after it" argument: the fact that nobody is expanding the protocol beyond its merit is a good thing too. Look what happened to OAuth... The original author ended up being so disgusted by the corporate bloat that he resigned from the v2 working group.

I don't disagree that a better, sensible standard would be great.