by nyuszika7h 1485 days ago
If OCSP was done over HTTPS, you'd end up with an infinite loop - you'd have to do an OCSP query to check that the OCSP server's certificate is not revoked, and so on.

Sure, HTTPS wouldn't help if an attacker had the cert for the OCSP server, but I feel like that is rare to happen compared to other certs being revoked, and I believe there are privacy / anti-censorship benefits you can get from HTTPS.

To me it seems simple to just skip an OCSP check compared to having to use HTTP.