
Notes:


The authentication assertion is signed to prevent tampering. The attribute query and attribute assertion travel over an SSL/TLS connection which allows both ends to be strongly authenticated.
The whole exchange can be quicker for subsequent authentications – WAYFs typically provide shortcuts for accessing recently used IdPs, Raven only requires one login per session, etc.
Other message sequences are possible to achieve the same thing – we described an SP-first flow, but it is also possible to have an IdP-first flow where the user visits the IdP first, authenticates, and only then contacts the SP. Another possibility is to avoid the use of forms and JavaScript (the SAML Browser/POST profile) by redirecting the user back to the SP with a small random token called an artefact, which the SP then uses to collect the full authentication assertion over SOAP. This is known as the SAML Browser/Artefact profile.
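An added illustration, not from the slides or from Shibboleth's own code, of the Browser/Artefact idea above together with the signed-assertion point earlier in these notes: a toy IdP hands the browser only a short random artefact, the SP redeems it once over the back channel and then checks the assertion's signature, audience and expiry. The HMAC key, entity IDs and timestamps are constructed placeholders; real SAML uses XML signatures over the assertion and SOAP for the resolution call.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo key standing in for the IdP's signing key (real SAML uses XML-DSig).
IDP_SIGNING_KEY = b"constructed-demo-idp-key"


def sign_assertion(assertion):
    # HMAC over the canonical encoding lets the SP detect any later tampering.
    body = json.dumps(assertion, sort_keys=True).encode()
    return {"assertion": assertion, "sig": hmac.new(IDP_SIGNING_KEY, body, hashlib.sha256).hexdigest()}


class IdentityProvider:
    def __init__(self, artifact_ttl=60):
        self._artifacts = {}          # artifact -> (signed assertion, expiry time)
        self.artifact_ttl = artifact_ttl

    def issue_artifact(self, subject, sp_entity_id, now):
        """Front channel: the user is redirected to the SP carrying only this token."""
        signed = sign_assertion({"subject": subject, "audience": sp_entity_id, "issued": now})
        artifact = secrets.token_urlsafe(16)   # short, unguessable, carries no user data
        self._artifacts[artifact] = (signed, now + self.artifact_ttl)
        return artifact

    def resolve_artifact(self, artifact, now):
        """Back channel (SOAP over mutually authenticated TLS in real deployments)."""
        entry = self._artifacts.pop(artifact, None)   # pop: an artifact resolves once only
        if entry is None:
            return None
        signed, expiry = entry
        return signed if now <= expiry else None


class ServiceProvider:
    def __init__(self, entity_id, idp):
        self.entity_id, self.idp = entity_id, idp

    def consume_artifact(self, artifact, now):
        """Return the authenticated subject, or None if anything fails to check out."""
        signed = self.idp.resolve_artifact(artifact, now)
        if signed is None:
            return None
        body = json.dumps(signed["assertion"], sort_keys=True).encode()
        expected = hmac.new(IDP_SIGNING_KEY, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signed["sig"]):
            return None                              # assertion altered after signing
        if signed["assertion"]["audience"] != self.entity_id:
            return None                              # assertion meant for a different SP
        return signed["assertion"]["subject"]
```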
Note the reliance on SAML, but remember that Shibboleth is just one of many possible applications that use SAML.
The WAYF can be provided by the SP – this can result in a cleaner interface since the SP knows who its customers are (e.g. Science Direct).