A popular technique for avoiding the difficulties of building applications that span multiple administrative domains (MAD) is to create another vendor/application-specific domain, as exemplified by services such as Google Docs and Microsoft Live Mesh. Such a centralized domain adds security vulnerabilities, reliability risks, and scalability costs. Our alternative combines authorization-based access control, a firewall-friendly protocol, and a suitable distributed checkpointing system to build a peer to peer system that needs no central control. Here we discuss the lessons learned in building the Secure Cooperative File Sharing (SCoopFS) application using this approach.