I don't think the imperfect mapping between IP and user is the real problem with tracking down botnet controllers. You have a network of compromised hosts, and you can disguise yourself as one of them. There are lots of schemes for this sort of thing when you have a whole bunch of compromised machines under your control. For example, even if you made it illegal to run a Tor node, you could still just have your compromised network of hosts start running their own Tor (are you going to arrest all the people who just got a virus that starts a Tor network?) and you deliver commands from a hidden service. That's a huge effort on the part of society (banning Tor, implementing that, etc) that's easily circumvented.
In any case, like I said, you can't even get ISPs to do egress filtering of spoofed IPs, so even if it were going to solve DDoS, I don't think you'll get them on board for all the complications of implementing the protocols necessary and buying the equipment necessary to log all the traffic necessary to track down botnet controllers (who may be in a country where knowing who they are won't help you much anyway).
In any case, like I said, you can't even get ISPs to do egress filtering of spoofed IPs, so even if it were going to solve DDoS, I don't think you'll get them on board for all the complications of implementing the protocols necessary and buying the equipment necessary to log all the traffic necessary to track down botnet controllers (who may be in a country where knowing who they are won't help you much anyway).