Skype's Proprietary P2P v. Standards-Compliant P2P

The issues surrounding Skype’s recent major outage are instructive for the entire IP communications industry and those who rely upon IP communications. On the one hand, Skype has done a remarkable job generating a large user base very quickly and putting IP communications on the map. On the other hand, however, Skype's outage raises important concerns about its proprietary peer-to-peer architecture and approach ... and rightfully, at the same time, about peer-to peer-in general.

Due the continuing level of interest in this topic, as well as continuing confusion surrounding it, I have asked guest blogger Aron Rosenberg, CTO & Founder of SightSpeed to summarize briefly -- and for the last time -- the major distinctions between Skype's proprietary peer-to-peer model vis-a-vis the standards-compliant peer-to-peer model that is used widely (not only by SightSpeed, but also by Microsoft, Cisco, Sprint/Nextel, Verizon, AT&T, Comcast, Time Warner and countless others). His thoughts are below:

"Skype uses a different type of Peer-To-Peer network than most companies -- a proprietary form based on SuperNodes. A SuperNode Peer-to-Peer system is one in which you rely on your customers rather than your own servers to handle the majority of your traffic. SuperNodes are just normal computers which get promoted by the Skype software to serve as the traffic cops for their entire network. In theory this is a good idea, but it does have unique vulnerabilities that have been exposed during the past week. Skype, as a company, has no physical or programmatic control over the most vital piece of its product when the network destabilizes for any reason.

Another issue with SuperNode models concerns system recovery after a crash. A SuperNode-based network can only recover as fast as new SuperNodes can be identified. Skype’s formal explanation on Monday about the cause of its crash essentially confirms this point, as numerous bloggers and press have pointed out.

Skype’s model also creates usage issues. A Skype user who installs Skype on a university or corporate network agrees in the End-User License Agreement (EULA) to let Skype route calls through his or her PC (and by extension the organization’s network). In many cases this is a violation of the terms of use the student/employee has agreed to with the university or corporate IT dept. It can cause legal and bandwidth issues -- issues surrounding SuperNodes in the workplace or university environment that have received much visibility.

Other companies such as Sightspeed use a standards-based Peer-to-Peer architecture built on SIP (the standard protocol as opposed to Skype’s proprietary protocol) that allows those companies to manage all the core functionality themselves. Telephony protocols such as SIP were designed from the outset to be fault tolerant. Companies such as Microsoft, Cisco, Sprint/Nextel, Verizon, AT&T, Comcast, Time Warner and SightSpeed all ship standards based SIP software and hardware."

Bottom line -- Skype's outage exposed major vulnerabilities to ITS particular proprietary SuperNode peer-to-peer architecture -- it did not, however, impugn all peer-to-peer models in general since standards-compliant peer-to-peer was not at issue.

As I pointed out yesterday in my post, Skype correctly points out that no technology is immune from disruption or service interruption -- hey, IP communications is highly complex stuff! At the same time, it is important to understand the distinction between Skype's proprietary model of peer-to-peer (and the unique vulnerabilities associated with it) as compared to standards-compliant peer-to-peer.