We'd proposed something like this in P2Pool a while back— at least the basics of it: announcing key in share and doing threshold cryptography so that larger p2pool miners could automatically peer with similarly sized miners— there are some obvious shortcomings that come up like even if you assume a large miner will keep the data secret out of self-interest they may not be a large miner forever: once a large miner is no longer a large miner they don't have as much reason to keep the data a secret.
You could constantly re-share new introduction keys to end leaking, but knowing the miners address alone is enough to DOS attack it. This kind of approach also doesn't address the issue large miners often suspect other large miners of being a perpetrating attacker, e.g. delegating your peering to a hopefully neutral third party can make business sense. I guess you do accommodate that by virtue of the miners being able to choose the addresses they share, allowing them to instead delegate a third party at that point.
As you said, if the protocol is automatic, the addresses (or a secret random key required to establish the connection) can be renegotiated once a day or once a week, to prevent abuse after the hashing power distribution changes. Also if you give a different IP address (or a secret key) to each of your competitors, you can monitor any DoS attempt and prove who is behind it. And this is evidence that you can take to a court.
I guess these reasons along with a lack of visible attacks on P2Pool, the ease of the manual peering method, and the complexity of implementing something like this is why it hasn't been done so far... but its good to see someone thinking out more of the details.
Threshold cryptography would probably solve the problem better, but probably requires a more difficult setup phase and a more complicated implementation.
1% ownership commitments can solve the problem practically and requires no complex crypto to prove correct.
I agree that today there may be no need for an automatic backbone. But currently we have a miner with 32% of the hashing power that does not show a visible identification, which prevents anyone from contacting it directly. If there is a single secret miner, then this miner can still connect to all non-secret ones. The real problem would be if there were two secret miners.
