However, I suspect that (c) would strongly encourage people to clean and untaint() their user intputs as soon as they acquire them...
Regardless of the existence or presence of taint mode, secure applications do this already.
I understand your argument (reusing capture groups for untainting was a mistake of the premature reuse of a feature), but I don't see the current situation as an onerous burden. Even without taint mode I would still write my code to perform input validation at the edges of the program, just as I handle encoding concerns at IO boundaries.