What is the reason why creating a veth requires root?
2 votes, 1 answer, 261 views
I recently became aware of solutions like [slirp4netns](https://github.com/rootless-containers/slirp4netns) or [passt/pasta](https://passt.top/passt/about/) which essentially work around the fact that you can't create a pair of [veth](https://www.man7.org/linux/man-pages/man4/veth.4.html) network interfaces without `root` (or `CAP_NET_ADMIN`). Before user namespaces became widely available, changing the network configuration was indeed originally restricted to the superuser.
Is there a documented reason why it was deemed "easier" to create a whole entire TCP/IP stack and/or complex abstraction layers rather than just allowing users to create their own pairs? Was it difficult to implement a user permission scheme on top of the networking configuration tools, or are there security reasons why allowing non-root users to modify the network configuration of interfaces they themselves created would be a bad idea?
Asked by F.X.
(361 rep)
Aug 18, 2024, 11:51 AM
Last activity: Aug 18, 2024, 12:05 PM