Is WinRM/PSSessions using TrustedHosts less secure than DCOM (or whatever classic Windows remote access is)?

I have forever been accessing remote machines with things like file shares (\\serverName\share) and using Powershell commands that use a -ComputerName parameter. If I do this for a machine in a remote domain, I have to provide the -Credential argument. And that all works fine. I think that's called DCOM. I can also access WMI like that. However, when I try to use enter-pssession to the remote machine, it does not work because of some kerberos thing. Supposedly, the difference is that kerberos provides mutual authentication of the machines. But, if I am accessing a machine in a remote domain, it is not using kerberos anyway for the DCOM style transactions. So, if I make the pssession work by putting the remote machine into my Winrm TrustedHosts (and naming it with the IP address) instead up setting up a certificate infrastructure (and thus not having any machine authentication) is that really any worse than the DCOM commands I've been running forever? --I've seen people write things like, "only use this on test machines, not a production environment" because the connection is not encrypted. But, the transaction of credentials is supposedly still encrypted. If it is ok to use -ComputerName and -Credential with other commands, what's the difference?