Anyway, what we have done for 5.0 is move a number of the security-related parameters over to acs-kernel, though not all of them, and generally redirect you to the login page of the current subsite to assist with theming.
However, tackling the full problem is out of scope for 5.0.
If you want to push this, I encourage you to talk with Frank Nikolajsen, who has expressed interest in this issue, and put together a more complete proposal, along with drawbacks and security issues, and post that as a TIP for the next release.
Thanks for your suggestion, though.
I'm going to close out the bug until we have a TIP decision. :)