First and foremost, speaking from personal experience, one advantage of
SIP via TLS is that >99% of all unsolicited and unwanted requests I
observe daily come in as plain SIP on port 5060. (Yes, changing the
port would be a similarly effective mitigation against these, but why
do we have well-known ports in the first place?)
On the encryption issue... It is simply best practice to not expose
data unnecessarily. It is already an achievement that slowly the
adoption of meta data and transport encryption is happening in the
voice world. As always, you have to start from somewhere to work
towards a goal. Reducing the data exposure down to only state mandated
and (hopefully) supervised Lawful Interception is a goal that is
worthwhile to pursue within the concept of the PSTN. Moving everything
from private lines to the public internet is a recipe for disaster.
After all, rudimentary support for encryption is one of the few things
that can be counted as an improvement when migrating from ISDN to VoIP.
That said, of course the security provided with SIP+TLS+SRTP in the end
is debatable. I haven't yet seen any use of certificate pinning in SIP
Generally I would not communicate sensitive information over the PSTN or
infrastructure in general, where I don't know and trust all of the
parties that have access to it.