Wouldn't IPv6 firewalls configured for typical users (i.e., denying unrecognized incoming connections) pose a similar barrier to making direct connections reliably on the application level? Not every user will be willing or able to open a hole in their firewall for every shiny new application that wants one.