It adds complexity, more points of failure, and ensures that more legacy services will go offline needlessly. While almost certainly not actually improving the actual security issues the average user experience. Lack of a valid tls certificate is usually not the reason people are victims of crime online.