But this raises the question: why didn't Satoshi use secp160k1, which would have pubkeys of only 40+ digit hex (corresponding to the strength of ripemd160), instead of 64+ digit hex for secp256?
What you're missing is that paying to a 160-bit script hash is an addition that wasn't part of the original client. Originally you paid directly to the full public keys.
Are you saying that you had to put a public key in the client when you wanted to pay someone?