I would say the design already absolutely allows this, someone could set up a registry that essentially acts as a proxy by implementing the registry API and calling out to other registries to serve the actual data.
Since the configuration is per user, not per package, it also seems tractable to me that this could happen at any time after GH hypothetically became a common choice for the default registry.