The first three changes are clear improvements and are incorporated already in the oacs-5-8 branch.
Are there arguments against allowing username or email address in the login field (proposed changed 4 and 6)?
concerning proposed change 5 ("lower" weakens constraint on screen_name, email, etc): It seems to me as if the datamodel of ]po[ misses some constraints: parties has a "lower" constraint for email (parties_email_lower_idx), users has a lower constraint for screenname and username (users_screenname_lower_idx, users_username_lower_idx), so everything should be ok and no change is needed for OpenACS...