You probably can make this case in the future even if you want to use CAS
clients. [1]

As far as the arguments, the pros/cons of my SP are pretty well known,
although it's not quite as much of a difference with cosign as it is with
CAS (from what I know, I'm not a cosign expert certainly).

FWIW, I would welcome help from people who know how to build native SSO
implementations and honestly it would be nice to see people not just
migrate from something but shift some of the resources into helping
maintain and enhance the thing they're moving to. I can't keep doing it
alone (meaning the SP).
That too, but that's certainly why the CAS support Marvin's planning to
donate and maintain is a good thing.
Well, the win is the flexibility of having different kinds of application
footprints and integration strategies, but that's why the protocols really
belong in the IdP code base (cosign included if UM is interested).

But certainly not isolating the question to the IdP, no. It's never as
simple that way as just using the system the way it was meant to be used.
The earliest history of the project has been a constant war between the
idea that we should defer authentication and those of us that believed we
needed to do it, and the results were always mixed because of a lack of
commitment. V3 is probably 90% about authentication and session management
redesign when it comes down to it. We're all in, finally.

I'm responsible for the majority of the code base over the life of the
project, and my view has always been that Shibboleth is an attribute-based
SSO first, and a federation solution second. That may be shocking if you
think it's a terrible enterprise SSO, but that's a reflection of differing
over requirements, not a lack of intent.

-- Scott

[1] http://marc.info/?t=140804144300012&r=1&w=2