I'm listening to the Peer-to-Peer SIP session at VON Europe and find myself more interested by the general concepts being discussed than by the specifics of SIP for peer-to-peer networks. The interesting discussion is around identity, community, security and legal intercept.
Identity comes down to public key encrypted unique identifiers that you then choose to make available to various communities, perhaps including the entire Internet. But whenever you make any identifier public, you invite people to contact you. If you make an identifier widely available, you may need a screening function. This can be on your client or you can delegate the function to someone else. But this is true whether the communication means is peer-to-peer or centrally controlled. I publish my Skype user name "brough" quite widely. I only publish Skype presence to people I know and I chose what kinds of interactions I want to have with those I don't recognize. If I did choose a 3rd party to screen contacts for me, it could be a peer proxy or a 3rd party server, but that is independent of whether the systems is peer-to-peer or not.
The security discussion exposed the fact that, whether you have peer-to-peer or not, no firewall can protect against a rogue client within the trusted environment. This of course is why Skype works anywhere. It just nice to hear a public discussion of this simple fact. Not everyone gets it.
Legal intercept in the Internet can be done via a cooperative client (e.g. in an enterprise call center that does logging) or at an aggregation router. At the router, one can only expect to get address pairs, flow statistics and copies of the packets. If the packets are encrypted, you won't get the contents (easily). That's it. With encryption at the end points, you'll have to defeat the encryption to read the content of the flows. That's independent of whether you are using peer-to-peer or a centrally controlled service. It's a function of encryption at the end points.
All and all, it was an interesting session.