But even there I think you are talking about "oh you can do that with kerberos which not everyone has so let's add it for other environments too."

The problem with encrypted telnet has always been handling of cases where encryption isn't supported.