Windows Peer-to-Peer Networking

Windows Peer-to-Peer Networking is a developer platform to create peer-to-peer applications for computers running Windows XP. The long-term goal of Windows Peer-to-Peer Networking is the following:

To enable people to communicate securely and share information with _disibledevent="listItem">Client computers do not have shared resources and do not respond to requests for resources. Therefore, other computers do not need to resolve the names of client computers. DNS address records for client computers are not necessary.



Peer computers, on the other hand, have resources to share. However, they still have transient connectivity. Peer computers could use DNS dynamic update to register their names, however, very few DNS servers on the Internet support DNS dynamic update. To be successful for peer-to-peer networking, peer computers must not rely on the existing DNS infrastructure. Therefore, there must be a mechanism to resolve peer names to their addresses that does not rely on DNS. For Windows Peer-to-Peer Networking, this mechanism is Peer Name Resolution Protocol (PNRP) and is described in the "Name Resolution and Peer Discovery with PNRP" section of this article.

Windows Peer-to-Peer Networking Security

In a peer environment, there are no centralized servers with security databases or that can provide typical security services such as authentication and authorization. For example, in an Active Directory do, do controllers provide authentication services using Kerberos. In a serverless peer environment, the peers must provide their own authentication.

For Windows Peer-to-Peer Networking, authentication is provided using self-signed certicates, some of which are formatted as X.509 certicates. Although one usually thinks of X.509 certicates in relation to a public key infrastructure (PKI) that contains a hierarchy of certication authorities (CAs), self-signed certicates are certicates that are created by each peer. Peer networking allows any node to act as a CA and removes the requirement that the root certicate to be deposited in each peer's trusted root store. Each peer generates the public key/private key pair and the certicate that is signed using the private key. The self-signed certicate is used for authentication and to provide information about the peer entity. Like X.509 authentication, peer networking authentication relies upon a chain of certicates tracing back to a public key that is trusted.

For more information about authentication for Windows Peer-to-Peer Networking, see the "Grouping" section of this article.