In answer to the UI question below, for the simple reason that you don't know whether the same password applies, because the standards have deliberately separated them and there is no standard provided which can convey the information that in this case, they're the same. You could perhaps just try the same credentials for each service but that would be a clear leak of private information if they weren't the same.
On 7 Feb 2017 20:12, "Dave Crocker" <dhc@xxxxxxxxxxxx> wrote:
But how large a community is this and why is this problem not mitigated simply by having the user interface take one password specification and map it to the two, underlying (and existing) protocols?