nostr:nevent1qvzqqqqqqypzqv6kmesm89j8jvww3vs5pv46hqm7pqgvpm63twlf9hszfqzqhz7aqqspn8nfn4pgajz9577lf3lrd8t8vl63kxdk83zzsmgvt0vtazv94wqwvdvrk 
What do you think about standardizing NIP-98 and blossom, and the web (W3C) level?

NIP-98 co-author here.

I think we can relax the mandatory use of the u tag, which should give blossom everything it needs?

I don't think it makes sense to remove the mandatory "u" tag from NIP-98 events. The "u" tag restricts the event (auth token) to a single endpoint and allows the user to know specifically what endpoint they are allowing the client to call on their behalf.
Removing the mandatory "u" tag would turn NIP-98 into a generic "HTTP authentication" method, and while it would allow the client to talk to multiple servers, I don't think that's a good thing.

Blossom has a "generic authentication" event because the user is "publishing a blob to wider internet" similar to how users sign nostr events and publish them to multiple relays. Each relay doesn't require a separate signature because they are interchangeable and their purpose is to host the user's events.

NIP-98 on the other hand is an authorization for a client to perform an action on a specific server on their behalf, and while NIP-96 uses it to upload files I don't view it the same as publishing.

There's no reason to make "u" mandatory. I don't propose dropping it, just loosening it for the use case where there's no well defined domain, i.e. blossom and similar things. This was always the intent.

A bit of text would allow the blossom use case to happen with content addressable files, and also the domain specific use case.

This is a bit bigger than nostr. The whole web needs such an auth scheme. Thanks for the feedback though, definitely interesting and will try and take it into account.

Hopefully we can standardize this at the W3C level, so that more people can use it. There's tons of communities that would benefit from single-sign-on, but do not realize it's working. Similarly it's very common to want to upload a blob on a server, via a user, and mirror it in many places, maybe even with payments.
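
The endpoint binding debated in this thread, as an added example that is not from any participant or from the NIP-98 or Blossom projects: a server-side check showing that a token carrying a "u" tag is accepted only at the URL it names, while a token without "u" has nothing tying it to one server. The function names and hosts are hypothetical, and signature verification is assumed to have been done already by a Nostr library.

```python
# Added example: server-side binding checks for a NIP-98 auth event.
# Assumption: the event id and Schnorr signature were already verified by a
# Nostr library; this only checks what ties the token to one request.

NIP98_KIND = 27235   # HTTP Auth event kind defined by NIP-98
MAX_SKEW = 60        # seconds; NIP-98 suggests a window of about 60 seconds


def tag_values(event, name):
    """Return all values of tags named `name` in the event."""
    return [t[1] for t in event.get("tags", []) if len(t) >= 2 and t[0] == name]


def check_binding(event, request_url, request_method, now):
    """Return (ok, reason) for an already signature-verified event."""
    if event.get("kind") != NIP98_KIND:
        return False, "wrong kind"
    if abs(now - event.get("created_at", 0)) > MAX_SKEW:
        return False, "stale or future-dated"
    urls = tag_values(event, "u")
    # Strict choice made for this example: exactly one "u" tag is required.
    if len(urls) != 1:
        return False, "missing or repeated u tag"
    if urls[0] != request_url:
        return False, "u tag does not match this endpoint"
    methods = tag_values(event, "method")
    if len(methods) != 1 or methods[0].upper() != request_method.upper():
        return False, "method mismatch"
    return True, "ok"


# Constructed sample data (hypothetical hosts, no real keys or signatures).
NOW = 1_700_000_000
TOKEN = {
    "kind": NIP98_KIND,
    "created_at": NOW - 5,
    "content": "",
    "tags": [["u", "https://files.example.com/upload"], ["method", "PUT"]],
}
UNBOUND = dict(TOKEN, tags=[["method", "PUT"]])  # same token without "u"

if __name__ == "__main__":
    for label, ev, url in [
        ("intended server", TOKEN, "https://files.example.com/upload"),
        ("other server", TOKEN, "https://mirror.example.net/upload"),
        ("no u tag", UNBOUND, "https://mirror.example.net/upload"),
    ]:
        print(label, check_binding(ev, url, "PUT", NOW))
```

A server that accepted the `UNBOUND` event would have to rely on something other than the URL, such as a content hash, to limit what the signature authorizes.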