Model Context Protocol Emerges as Standard for Interoperable AI Agents
TL;DR
- The Model Context Protocol (MCP) has evolved from a local-only experiment to a de facto standard for agentic systems, adopted by major tech companies, indicating its critical role in enabling AI agent communication and tool integration.
- MCP's adoption is exploding internally within enterprises for connecting agents to proprietary data and workflows, highlighting its practical value beyond public-facing applications, especially in regulated sectors like finance and healthcare.
- The evolution of MCP's authentication from a combined server/identity provider model to a separated one, informed by OAuth experts, demonstrates the protocol's adaptability to complex enterprise requirements and its focus on robust security.
- MCP's introduction of "Tasks" as a primitive for long-running, asynchronous agent operations addresses a significant industry need for deep research and agent-to-agent handoffs, moving beyond simple tool calls.
- MCP Apps, utilizing iframes, extend the protocol to richer user interfaces beyond text, enabling interactive experiences like seat selection or shopping UIs, and are being standardized collaboratively with major AI labs.
- The formation of the Agentic AI Foundation (AAIF) under the Linux Foundation provides a neutral governance structure, ensuring MCP's continued openness and fostering industry-wide collaboration among competitive AI labs and enterprises.
- MCP's design prioritizes composability and interoperability, aiming to create a flexible, open agentic stack where diverse components can work together, rather than dictating a single universal agent solution.
Deep Dive
The launch of the Agentic AI Foundation (AAIF) under the Linux Foundation marks a pivotal moment, establishing Model Context Protocol (MCP) as the de facto communication standard for AI agents and signaling a concerted industry effort to foster open, interoperable agentic systems. This foundational shift, driven by major players like OpenAI, Anthropic, and Block, aims to accelerate AI productivity by enabling agents to seamlessly connect to data and tools, paving the way for asynchronous, long-running operations and richer user interfaces.
The MCP protocol's rapid adoption, from a Thanksgiving hackathon project to an industry standard endorsed by tech giants, underscores its foundational role in agentic AI development. Initially designed for local interaction, MCP has evolved to support remote HTTP streaming and robust authentication, addressing critical enterprise needs. This evolution was notably shaped by collaboration with OAuth experts, addressing challenges in separating authentication servers from resource servers to accommodate enterprise identity providers. The protocol's extension into "Tasks" provides a crucial primitive for long-running, asynchronous agent operations, moving beyond simple tool calls to enable complex research and agent-to-agent communication. Furthermore, "MCP Apps" introduce richer, visual user interfaces (via iframes) for AI applications, addressing the limitations of text-based interactions for tasks like seat selection or shopping. The development of a standardized registry system, akin to "npm for agents," is underway to facilitate discoverability and trust, though challenges remain in balancing curated sub-registries with broad openness. The formation of the AAIF under the Linux Foundation provides a neutral governance structure, ensuring MCP's continued openness and fostering a collaborative ecosystem for agentic AI development.
The implications of this initiative are far-reaching. By standardizing the communication layer for AI agents, MCP reduces friction for developers and enterprises, lowering the barrier to entry for building sophisticated AI applications. The focus on asynchronous tasks and richer UIs directly addresses the need for AI to move beyond simple queries to perform complex, multi-step operations autonomously, unlocking new levels of productivity. The establishment of a neutral foundation is critical for preventing vendor lock-in and fostering broad industry participation, ensuring that the development of agentic AI benefits from diverse contributions and perspectives. This collaborative approach is essential for navigating the rapid evolution of AI, enabling the ecosystem to adapt and innovate effectively. The AAIF's emphasis on composability and interoperability suggests a future where AI agents can be flexibly assembled and deployed, much like Lego blocks, to suit a wide range of specific needs and use cases.
Action Items
- Audit authentication flow: Review OAuth 2.1 implementation for enterprise readiness, focusing on separating authentication servers from resource servers.
- Design scalable transport protocol: Investigate solutions for bidirectional streaming that address horizontal scaling challenges and state management across multiple pods.
- Create registry interface standard: Define a standardized API for registries to enable model-driven discovery and installation of MCP servers.
- Develop financial services extension: Define client and server requirements for handling sensitive data, legal contracts, and attribution in financial workflows.
- Implement MCP Apps iframe security: Establish guidelines for secure iframe usage, including handling styles and cross-origin communication for richer UIs.
Key Quotes
"we moved to we launched originally as like basically local only um you could like build local mcp servers for cloud desktop -- but then we like in march this year we moved into like how can you do remote mcp server so connect like really a lot like to a remote server and introduced like the first iteration of authentication and then in june we revisited that and like improved it quite a little bit so that it works better for -- you know -- enterprises in particular and we were very very lucky that in that time from march to june we were like able to like have absolute industry leading experts that literally work on oauth itself to help us with some of the the pieces right -- and how to get it right and then we focused a lot of on like security best practices and this type of work and now we like i feel we have a really solid foundation and we're doing we just launched like in -- end of like november then the recent iteration of the protocol finally like the next bigger improvement to the protocol which is like long running tasks to really allow for like you know deep research type of task and like you know maybe even agent to agent communication"
David Soria Parra explains the evolution of the Model Context Protocol (MCP), highlighting its transition from local-only use to supporting remote servers and enterprise-grade authentication. This demonstrates MCP's adaptability and the collaborative effort involved in refining its security and functionality, particularly through expert contributions in OAuth. The introduction of long-running tasks signifies a move towards more complex agentic operations.
"and so we really wanted to see things that -- have a lot of adoption or de facto like -- at least on the protocol side like a de facto -- standard and i don't think any of the other protocols it feels like they're not just there yet but of course if they get there then we're like super open as long as they're like complementary to to what's in the foundation on the application side we're a little bit more flexible and we're like more open but on the protocol side i think we really want to make sure that we're not like offering like that the foundation doesn't encompass like five protocols for the same like communication tier and so yeah there was discussion but i think for now we just want to start it small"
David Soria Parra discusses the criteria for selecting protocols to be included in the Agentic AI Foundation (AAIF). He emphasizes the preference for protocols that have achieved de facto standard status and significant adoption, particularly on the protocol level. This approach aims to ensure the foundation focuses on robust, widely-used technologies, maintaining flexibility for application-level contributions while prioritizing protocol standardization.
"the main issue we did is -- in in oauth there are two components there is an authentication server who gives you the token and then there's the resource server who takes the token and gives you the resource in return and in the first iteration of our authentication spec we combined them together into the mcp server which if you were building and usable yeah it's kind of usable if you build like an mcp server like as like a public server for as a you know you're a startup you're building a server for yourself you want to bind this to -- the accounts you already have that is completely usable the reality in enterprises is you don't authenticate you authenticate with some central entity like you know you know you have some identity provider or an idp and you go and then you -- and yeah for most people they don't even notice this they know is like oh in the morning i'm going to go log in with google for and then i'm going to access to all my work stuff right that's effectively the idp right -- and if you combine these into the same server you just can't do this anymore and so all we need is to do is like okay we are resource server the sp server is a resource server how you get the token from the authentication server we have opinions on how you should do it but it's kind of separated and that's what happened then in the june spec where we separated this out"
David Soria Parra details a critical issue encountered with the initial OAuth implementation in MCP, explaining the separation required between authentication and resource servers for enterprise compatibility. He highlights that combining these functions in the first iteration worked for startups but not for enterprises that rely on central identity providers (IdPs). The June specification addressed this by separating these components, enabling better integration with existing enterprise authentication systems.
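The split described above, sketched as an added example (not code from the podcast, the MCP specification or any MCP SDK): the identity provider is the only party that mints tokens, and the MCP server acts purely as a resource server that checks signature, issuer, audience and expiry. All names, URLs and the key are constructed assumptions, and the HS256 shared key is a stand-in for the asymmetric signature and published keys a real identity provider would use.

```python
import base64, hashlib, hmac, json, time

# Constructed values for this example; none come from the MCP specification.
IDP_ISSUER = "https://idp.example.com"     # hypothetical enterprise IdP
MCP_RESOURCE = "https://mcp.example.com"   # hypothetical MCP server identifier
IDP_KEY = b"constructed-demo-key"          # stand-in for the IdP's signing key


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def idp_issue_token(sub, aud, ttl=300, iss=IDP_ISSUER, key=IDP_KEY, now=None):
    """Authorization-server side (the IdP): the only party that mints tokens."""
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = _b64(json.dumps({"iss": iss, "sub": sub, "aud": aud, "exp": now + ttl}).encode())
    sig = hmac.new(key, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    return f"{header}.{claims}.{_b64(sig)}"


def mcp_authorize(authorization_header, now=None):
    """Resource-server side (the MCP server): validates tokens, never issues them.

    Returns (http_status, detail); detail is the subject on success."""
    now = int(time.time()) if now is None else now
    if not authorization_header or not authorization_header.startswith("Bearer "):
        return 401, "missing bearer token"
    try:
        header_b64, claims_b64, sig_b64 = authorization_header[7:].split(".")
        header = json.loads(_unb64(header_b64))
        claims = json.loads(_unb64(claims_b64))
        sig = _unb64(sig_b64)
    except (ValueError, TypeError):
        return 401, "malformed token"
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return 401, "malformed token"
    # Pin the algorithm instead of trusting whatever the token header claims.
    if header.get("alg") != "HS256":
        return 401, "unexpected alg"
    expected = hmac.new(IDP_KEY, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return 401, "bad signature"
    if claims.get("iss") != IDP_ISSUER:
        return 401, "untrusted issuer"
    # Audience check: a token minted for another service must not be accepted here.
    aud = claims.get("aud")
    if MCP_RESOURCE not in (aud if isinstance(aud, list) else [aud]):
        return 401, "wrong audience"
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return 401, "expired"
    return 200, claims.get("sub")
```

The audience check is what keeps a token that the same identity provider issued for a different internal service from being replayed against the MCP server.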
"and so we always looked for something like that we also knew that we looked into alternatives like okay what happens if we do web sockets for example and we have found a lot of issues with doing of proper bidirectional stream and we were like okay what is the right middle ground between having something that can be used in the simplest form that people do like where they just want to provide a tool but then is able to be upgraded to like a full bidirectional stream if you needed it because you really have like complex agents you know communicating with each other that's where streamable http was born with that intent and i think there's something that in retrospect we got right i and and something that we got wrong i think we got right that we are really leaning just on standard http in that regard we got wrong that we made a little things optional for the clients to do -- like you can the client can connect and open this return stream from the server but it doesn't have to and the reality is is no client does it because it's optional and so a lot of the bidirectionality goes away and so features like elicitations and sampling are just not available to servers because they don't have that stream open because the client the client implementers like yeah that's the minimal viable project from project for me i don't have to do it and so that that became an issue"
David Soria Parra reflects on the design choices for MCP's transport layer, specifically the move from standard IO to streamable HTTP. He explains that the goal was to balance simplicity for basic tool usage with the capability for full bidirectional streaming required by complex agent communication. Soria Parra identifies a key lesson learned: making bidirectional streaming optional for clients led to its underutilization, thereby limiting server capabilities like elicitations and sampling.
"and then that's where we have this concept of sub registries which then like the smithery's and others hopefully can do where they can filter and curate on top of it and that's the that's really the world we want to live in i don't think we're quite there yet but we're slowly getting there like the github registry is is curated off the or speaks the same format as the as the official registry and so what we want is like you as an end as a company -- can have an internal registry that is a curated form of the the official one plus maybe you own ones and then that's the one you trust and it speaks the same api then the official one and if you have like a vs code or anything else that wants to talk to your registry you just connect it to yours and you're you're good to go and that's that's really what we want to do"
David Soria Parra outlines the
Resources
External Resources
Books
- "Closure" by Rich Hickey - Mentioned as an essay discussing open source principles and developer expectations.
Articles & Papers
- "Why MCP One" by Sean - Mentioned as a post discussing the adoption of MCP.
People
- David Soria Parra - Co-creator of MCP, lead at Anthropic for MCP efforts.
- Jim Zemlin - CEO of the Linux Foundation, instrumental in forming the Agentic AI Foundation.
- Nick Cooper - Representative for OpenAI at the Agentic AI Foundation, core contributor to MCP.
- Brad Howes - Principal Engineer at Block, original author of Goose.
- Jeremiah - Mentioned for a blog post on MCP usage in companies.
- Urs Hölzle - Mentioned as a former figure at Google involved in Kubernetes' contribution to the Linux Foundation.
- Brian Stevens - Mentioned as a former figure at Google involved in Kubernetes' contribution to the Linux Foundation.
- Linus Torvalds - Mentioned as a comparison for open source leadership.
- Vint Cerf - Mentioned as a comparison for open source leadership.
Organizations & Institutions
- Anthropic - Creator of MCP, a founding member of the Agentic AI Foundation.
- OpenAI - Founding member of the Agentic AI Foundation, contributor to MCP.
- Block - Founding member of the Agentic AI Foundation, contributor of Goose.
- Linux Foundation - Hosts the Agentic AI Foundation, providing infrastructure and governance.
- Agentic AI Foundation (AAIF) - A neutral foundation established to govern MCP and related agentic AI projects.
- Microsoft - Mentioned as an adopter of MCP and a participant in the Agentic AI Foundation.
- Google - Mentioned as an adopter of MCP and a participant in the Agentic AI Foundation.
- Kernel Labs - Mentioned as the affiliation of Salesio, a host of the podcast.
- Pro Football Focus (PFF) - Mentioned as a data source in a previous podcast episode example.
- New England Patriots - Mentioned as an example team in a previous podcast episode example.
- Smithery - Mentioned as an example of a sub-registry for MCP.
- GitHub - Mentioned in relation to registries and potential collaboration on MCP.
- Linear - Mentioned as a service with an MCP server for Slack summaries.
- Bloomberg - Heading up the financial services interest group for MCP.
- Turkish Airlines - Mentioned as an example of a company building an MCP server for flight searches.
- CVS Pharmacy - Mentioned as an example of a company joining the Cloud Native Computing Foundation.
- Cloud Native Computing Foundation (CNCF) - Mentioned as a successful foundation model.
- Data + AI Foundation - Mentioned as another foundation within the Linux Foundation.
Tools & Software
- Goose - A coding agent developed by Block, donated to the Agentic AI Foundation.
- MCP Atlas - Mentioned as a component used in model cards for tool usage.
- vLLM - Mentioned as a technology for scalable inference.
- Ray - Mentioned as a technology for scalable inference.
- Kubernetes - Mentioned as a container orchestration system.
- Mesos - Mentioned as a previous technology in the container orchestration space.
- PaaS (Platform as a Service) - Mentioned as a previous abstraction layer for cloud computing.
- Heroku - Mentioned as a PaaS provider.
- Cloud Foundry - Mentioned as a PaaS provider.
- OpenStack - Mentioned as a cloud infrastructure project.
- Docker - Mentioned as a containerization technology.
Websites & Online Resources
- modelcontextprotocol.io - The official website for the Model Context Protocol (MCP).
- agenticai.foundation - The official website for the Agentic AI Foundation.
Other Resources
- Model Context Protocol (MCP) - An open standard for connecting AI applications to data and tools, now part of the Agentic AI Foundation.
- Agentic AI - The broader field of AI systems designed to act autonomously.
- OAuth 2.1 - An authentication protocol discussed in relation to MCP's authentication evolution.
- HTTP Streaming - A transport protocol used in MCP.
- Tasks - A new primitive in MCP for long-running, asynchronous agent operations.
- MCP Apps - A feature allowing richer UI experiences within MCP, using iframes.
- Progressive Discovery - A principle for models to gain more information as needed, relevant to MCP and Skills.
- Skills - A concept providing domain knowledge for AI models, distinct from MCP's connectivity.
- PCI DSS - Mentioned in relation to compliance for financial services.
- HIPAA - Mentioned in relation to compliance for healthcare data.
- NPM (Node Package Manager) - Used as an analogy for a public registry for software packages.
- Pip (Package Installer for Python) - Used as an analogy for a public registry for software packages.
- OpenAPI Specification - Mentioned in relation to potential tool bloat in models.
- Webhooks - A mechanism for servers to notify clients of events.
- RPC (Remote Procedure Call) - A communication protocol.
- FSMCP - Mentioned in relation to a workshop.
- Agent-to-Agent Communication - A capability enabled by MCP.
- Workload Identity - A concept related to agent authentication.
- Bearer Token - A type of token used in authentication.
- Identity Provider (IdP) - A system that authenticates users.
- Resource Server - A server that provides protected resources.
- Authentication Server - A server that issues authentication tokens.
- Dynamic Client Registration - A feature within OAuth.
- Iframe - A web technology used for embedding content, part of MCP Apps.
- Post Messages - A method for communication between iframes and parent windows.
- HTML - A markup language used for web content.
- CORS (Cross-Origin Resource Sharing) - A web security mechanism.
- Attribution - The act of crediting a source, important in financial services.
- Tool Calling - A capability of AI models to use external tools.
- Context Window - The input limit for AI models.
- Context Compression/Compaction - Techniques to manage context size for AI models.
- RAG (Retrieval Augmented Generation) - A technique for AI model context.
- Haiku Model - Mentioned as a potential smaller model for summarization.
- API Key - A credential used for authentication.
- SDK (Software Development Kit) - A set of tools for developing software.
- Tric (Tool-use Interface for Communication) - Mentioned as a potential overlap with MCP tasks.
- TRPC - A JavaScript RPC framework.
- Protobuf - A language-neutral, platform-neutral, extensible mechanism for serializing structured data.
- Agentic Commerce Protocol - A potential future protocol for AI-driven commerce.
- inotify - A Linux kernel interface for file system event notification.
- Websockets - A communication protocol.
- gRPC - A high-performance, open-source universal RPC framework.
- REST API - A common architectural style for web services.
- LLM (Large Language Model) - A type of AI model.
- Transformer Architecture - A type of neural network architecture.
- Cloud Native Computing - A methodology for building and running scalable applications.
- Software Defined Networking (SDN) - A networking architecture.
- Network Function Virtualization (NFV) - A networking concept.
- Orchestration - The coordination of complex systems.
- America Online (AOL) - Mentioned as a historical internet service provider.
- Borg - Google's internal container orchestration system, precursor to Kubernetes.
- Codex - An AI model from OpenAI focused on code generation.