The discussion was very good. We started with what makes a P2P application different. What components tend to be present in a P2P application that may be optional or limited in other cases. Concensus was that all the key components were required for a P2P application to function.
1) Some way to locate other peers.
2) Som way to authenticate/trust other peers.
3) Some way to know if other peers are available/online/etc.
4) Some way to exchange information with the peers.
There was a good discussion of various frameworks available for P2P applications. The use of game related SDKs came up several times as worth evaluating. The new WCF support for P2P applications looks quite promising with the PDC bits supporting PNRP.
There was a long discussion of what it takes to make P2P applications work in real networks where firewalls and NAT can cause connectivity problems. Port 80 tunneling was seen as a requirement in many IT environments as even opening a small range of ports for P2P applications is hard to get past central IT departments. The IPv6 based tunneling in the MS environment was seen as one of the more complete solutions, but may need to be configured/enabled in XP while it is expected to be enabled by default in Vista.
Finally the last major point was that many found it easier and more secure to use a central server for peer resolution and authentication. The need to verify peer identity without a central authority was a major issue for some present that are more in the mobility space. In general verification of trust in a P2P application becomes harder without some central management. The data trafic can be done P2P, but a client/server model for initiating conversations was seen as often desireable. The 2 cases where this does not work is when the application must support interactions without access to the internet (in a secure setting, on the battlefield, or in a hotel room without an internet connection). The biggest problem with true P2P applications is that they turn each machine into a server, with all the security/vulnerability issues that entails.