
Switches are already programmable to a degree. This is out of scope -- and yes, it's slightly worse than the existing story, but not that much worse. I believe, as a community, we've decided that trusting the transport is a bad idea.


You are of course right that switches are partially programmable, but I don't believe the argument about never trusting the transport really holds up.

First, getting code into the data plane opens up the entire network to new attacks or at least makes them far easier. For instance, just knowing the bytes that are traversing the network gives you a lot of information about what applications are doing, regardless of application encryption. [See https://news.ycombinator.com/item?id=14070130 for an enjoyable discussion.] In short this would undo the benefits of strategies like micro-segmentation.

Second, a lot of backend traffic is unencrypted because managing the crypto infrastructure (e.g., managing X509 certs, keeping up ciphers, staying fully patched) is a pain in the tail when you have communication between hundreds or thousands of services. Individual services can do it, yes, but as far as I can tell there's no general solution for managing application-level security across diverse services. My current employer is pretty sophisticated about enterprise security but we really struggle with this problem. At some point you just say some parts of the network are trusted.


P.S. Did I mention denial-of-service attacks? All you need is intermittent failures in packet forwarding to sow chaos.
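The point above about "just knowing the bytes" leaking what applications are doing, regardless of encryption, is easy to see in code. The following is an added example, not code from either commenter: the packet payloads are random bytes standing in for ciphertext that an observer on the data plane cannot read, and the per-application packet-length "shapes" in `KNOWN_SHAPES`, the `MTU` value, and all function names are constructed for illustration. It shows that the length sequence alone identifies the application, and that padding every packet to a fixed size (the mitigation padding schemes aim at) collapses the distinguishable shapes into one.

```python
import os
from typing import Optional

# Constructed, hypothetical per-application flow shapes: the sizes of the
# first four packets an observer would see on the wire. Real values depend
# on the protocol, but the principle (sizes are visible, payloads are not)
# is the same for any encrypted traffic.
KNOWN_SHAPES = {
    "kv-store-get":        (64, 64, 1200, 64),
    "auth-token-exchange": (512, 512, 96, 64),
    "bulk-replication":    (64, 1400, 1400, 1400),
}

MTU = 1400  # assumed maximum packet size used as the padding target


def build_flow(app: str, pad_to: Optional[int] = None) -> list[bytes]:
    """Build a flow of opaque packets shaped like `app`.

    Each packet body is random bytes, i.e. ciphertext the network cannot read.
    With `pad_to` set, every packet is padded up to that size, which is what a
    record- or link-level padding scheme would do to hide the true sizes.
    """
    packets = []
    for length in KNOWN_SHAPES[app]:
        size = pad_to if pad_to is not None else length
        if size < length:
            raise ValueError("padding target smaller than packet")
        packets.append(os.urandom(size))  # unreadable payload, visible length
    return packets


def observe(flow: list[bytes]) -> tuple[int, ...]:
    """What a data-plane observer learns without any key: only packet sizes."""
    return tuple(len(p) for p in flow)


def classify(lengths: tuple[int, ...]) -> Optional[str]:
    """Match an observed size sequence against the known shapes.

    Returns the application name on a unique match, or None when nothing
    matches (or several shapes would match, which padding makes happen).
    """
    matches = [app for app, shape in KNOWN_SHAPES.items() if shape == lengths]
    return matches[0] if len(matches) == 1 else None


def leaks_application(app: str, pad_to: Optional[int] = None) -> bool:
    """True if an observer can recover `app` from sizes alone."""
    return classify(observe(build_flow(app, pad_to))) == app


if __name__ == "__main__":
    for app in KNOWN_SHAPES:
        print(f"{app:20s} unpadded leak: {leaks_application(app)!s:5}  "
              f"padded leak: {leaks_application(app, MTU)}")
```

Unpadded, every constructed flow is identified from sizes alone even though not one payload byte is readable; padded to `MTU`, all three flows look identical on the wire and `classify` can no longer tell them apart. That is the information a programmable data plane has access to by default, and why segmentation or padding still matters with end-to-end encryption in place.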



