Khaled - I think you are being a little pessimistic here (though that is of course your job as designer/coder).
We are only talking about user settings for a server where they want mIRC to authenticate for them (as opposed to i.e. using perform or a script). You would only use this if the server supports /msg nickserv, /nickserv or SASL. (So e.g. Undernet X is NOT supported.)
It is possible that Nickserv may have been changed on a particular IRC network to do something non-standard, but that would be ... well, non-standard and so mIRC should not be expected to handle it.
So, providing that you only look at notices from nickserv (and not from any other services which might advertise before authentication), and providing that you check for "/msg nickserv" and / or "/nickserv" (which are what mIRC uses - so let's not check for anything wider), and providing that nickserv sends a notice for success or failure of authentication (i.e. doesn't not say anything), then this should work pretty reliably IMO.
I would also suggest that if 4. happens, then mIRC should put some sort of explanation up in the status window so as to prompt the user to fix the configuration (by e.g. switching to perform or a script).
P.S. My testing showed that SASL 903 response came much earlier in the connection than nickserv, but I am unclear whether that is because SASL is synchronous or just because it is significantly faster. If SASL is synchronous authentication (as opposed to nickserv which is asynchronous) then we don't need something similar to this proposal for SASL - but if SASL is asynchronous then we probably need the same sort of solution. The SASL specs should be able to clarify this.