
Exactly. An analogy is with password salting: you don't salt passwords because it makes the hashes unbreakable, you do it to increase the amount of work attackers have to do to successfully recover the passwords.

Even without verified certificates, mandatory TLS would require a MITM attacker to be present at the time of the connection (not passively record traffic and attack later) for every connection they wanted to snoop on. For a stateless protocol like HTTP, that's a massive amount of work to do if you want to snoop on any large scale. The increase in work required is probably even greater (relatively) than the increase achieved in the example of password salting (which is considered a security no-brainer)!
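The password-salting analogy in the comment above can be made concrete by counting attacker work. The block below is an added example, not part of the comment or of any real system: it stores a small constructed user table both unsalted and salted, then runs a wordlist attack against each store and counts hash computations. Unsalted, the attacker hashes each candidate once and looks every user up in that table (and sees for free which users share a password); salted, every candidate has to be re-hashed for every user, so the work multiplies by the number of accounts and no precomputed table helps. The salts are fixed strings here only so the run is deterministic; a real system would draw them from os.urandom, and would use a slow password hash rather than plain SHA-256.

```python
import hashlib
import os

# Constructed sample data (not real accounts): a tiny user table and a tiny
# attacker wordlist. "dave" chose a password that is not in the wordlist.
USERS = {
    "alice": "hunter2",
    "bob": "letmein",
    "carol": "hunter2",        # same password as alice
    "dave": "correct horse",
}
WORDLIST = ["password", "hunter2", "letmein", "qwerty", "123456"]

# Deterministic demo salts so the example is reproducible. A real deployment
# would use fresh_salt() below (os.urandom) for every account.
SALTS = {user: f"demo-salt-{user}".encode() for user in USERS}


def fresh_salt(nbytes: int = 16) -> bytes:
    """How a salt should actually be generated: random, per user."""
    return os.urandom(nbytes)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def store_unsalted(users: dict) -> dict:
    """user -> H(password). Equal passwords give equal hashes."""
    return {u: sha256_hex(p.encode()) for u, p in users.items()}


def store_salted(users: dict, salts: dict) -> dict:
    """user -> (salt, H(salt || password)). Salt is stored in the clear;
    its job is not secrecy but making every user's hash unique."""
    return {u: (salts[u], sha256_hex(salts[u] + p.encode()))
            for u, p in users.items()}


def crack_unsalted(stored: dict, wordlist: list) -> tuple:
    """Attacker hashes each candidate ONCE, then looks every user up.
    Returns (cracked {user: password}, number of hash computations)."""
    table = {}
    hashes = 0
    for cand in wordlist:
        table[sha256_hex(cand.encode())] = cand
        hashes += 1
    cracked = {u: table[h] for u, h in stored.items() if h in table}
    return cracked, hashes


def crack_salted(stored: dict, wordlist: list) -> tuple:
    """With per-user salts there is no shared lookup table: each candidate
    must be hashed again for each user (stopping early on a hit).
    Returns (cracked {user: password}, number of hash computations)."""
    cracked = {}
    hashes = 0
    for u, (salt, h) in stored.items():
        for cand in wordlist:
            hashes += 1
            if sha256_hex(salt + cand.encode()) == h:
                cracked[u] = cand
                break
    return cracked, hashes


def shared_hashes(user_to_hash: dict) -> list:
    """Pairs of users whose stored hashes are identical: information an
    attacker gets before computing a single hash of their own."""
    seen = {}
    pairs = []
    for u, h in user_to_hash.items():
        if h in seen:
            pairs.append((seen[h], u))
        else:
            seen[h] = u
    return pairs


if __name__ == "__main__":
    plain = store_unsalted(USERS)
    salted = store_salted(USERS, SALTS)
    c1, w1 = crack_unsalted(plain, WORDLIST)
    c2, w2 = crack_salted(salted, WORDLIST)
    print("unsalted: cracked", sorted(c1), "with", w1, "hashes;",
          "duplicate hashes visible:", shared_hashes(plain))
    print("salted:   cracked", sorted(c2), "with", w2, "hashes;",
          "duplicate hashes visible:",
          shared_hashes({u: h for u, (s, h) in salted.items()}))
```

The same three weak passwords fall either way; what changes is the cost per account and the fact that the salted store leaks nothing about which users share a password. Multiply the wordlist by a few billion candidates and the user table by a few million accounts and the "work multiplier" is the whole point, which is the shape of the comment's argument for opportunistic TLS as well.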



