...
I have also returned to work on design and prototyping for the SP, mostly a lot of mental exercises thinking about different ways of organization organizing the configuration. In particular the challenges of actually supporting a hub capable of being shared across many different agents operating in different web sites is proving to be a major complication as compared to the current design that tightly couples shibd to the agents it serves. Coming up with a design that keeps common cases as simple as possible is the priority, as the less common cases will likely be somewhat harder to express (e.g., consider if you want to override a behavior for a specific IdP for only a subset of agents and how that might be expressed).
...