With the master public key and a single, non-master private key as inputs, it's possible to calculate the master private key. Is that correct?
Correct. Well, to be precise, you also need the seed S (besides the master public key and a single, non-master private key). Electrum uses the master public key itself as the seed, while Armory uses what it calls a
chaincode. However, this doesn't make a difference because for practical purposes, i.e. in order to be able to generate the chain of
public keys, both the master public key and the seed will be stored together on the same machine.
A private key should never be shared, and the idea of "redeeming" a private key is silly; the only sensible way to transfer value is to create a transaction.
Yes, any best-practice document should reflect this. More so since deterministic wallets are already in widespread use.