Enhanced Security and Functionality: Exploring the Latest MCP Specification Updates

Anthropic’s Model Context Protocol (MCP) has undergone significant enhancements to address its past security shortcomings, making the updated specification crucial for those involved in the integration of data sources and tools with AI models. The recent release of the MCP v2025-06-18 spec brings notable improvements, particularly in the area of security and functionality. Here are the key updates that should be on your radar.

### Executive Summary of MCP Spec v2025-06-18

1. **OAuth 2.0 Compliance**: MCP servers have been transitioned to operate as OAuth 2.0 Resource Servers.
2. **Token Binding**: Clients are now required to include a `resource` parameter, specified by RFC 8707, during token requests to establish a direct link between the access token and the designated MCP server.
3. **Structured Output Support**: The introduction of `structuredContent` enables structured JSON tool output, enhancing the clarity and organization of returned data.
4. **Elicitation Feature**: Servers have the capability to reach out to users during a session for input by utilizing an `elicitation/create` request, accompanied by a message template and JSON schema for structured responses.
5. **Security Enhancements**: A detailed “Security Considerations” section has been incorporated to mitigate token theft, address PKCE, redirect URIs, and confused deputy problems with enhanced security controls.
6. **Best Practices Documentation**: The new Security best practices document offers in-depth insights into threats like token passthrough, confused deputy, session hijacking, and proxy misuse, complemented by concrete measures to counter these threats.
7. **Protocol Versioning**: All HTTP requests must now contain an `MCP-Protocol-Version` header. If the header is missing, the server defaults to version `2025-03-26` for backward compatibility purposes.
8. **Resource Linking**: A new `resource_link` type is introduced that allows tools to reference external URIs without inlining content, facilitating client-side fetching of data as required.
9. **Discontinuation of JSON-RPC Batching**: Support for JSON-RPC batching has been removed, presenting a breaking change for existing implementations using this feature.
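Items 2, 7 and 9 translate directly into checks at the HTTP boundary. The sketch below is an added example, not code from the specification or an MCP SDK: the function names, the supported-version set, the status codes, and the assumption that the authorization server places the `resource` value in the token's `aud` claim are all illustrative.

```python
import json
from urllib.parse import urlencode

DEFAULT_VERSION = "2025-03-26"                      # used when the header is absent
SUPPORTED_VERSIONS = {"2025-03-26", "2025-06-18"}   # assumption: what this server speaks


def build_token_request(code, code_verifier, redirect_uri, client_id, mcp_server_uri):
    """Client side: token request body carrying the RFC 8707 `resource` parameter."""
    return urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "code_verifier": code_verifier,   # PKCE verifier
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "resource": mcp_server_uri,       # binds the token to this MCP server
    })


def gate_request(headers, raw_body, token_claims, server_uri):
    """Server side: return (http_status, detail) for one incoming POST.

    token_claims is assumed to come from a token whose signature and expiry
    were already verified; only the audience binding is checked here.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}   # header names are case-insensitive
    version = hdrs.get("mcp-protocol-version", DEFAULT_VERSION)
    if version not in SUPPORTED_VERSIONS:
        return 400, f"unsupported protocol version {version!r}"

    aud = token_claims.get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)
    if server_uri not in audiences:       # token minted for another resource
        return 401, "token was not issued for this server"

    try:
        message = json.loads(raw_body)
    except json.JSONDecodeError:
        return 400, "body is not valid JSON"
    if isinstance(message, list) and version == "2025-06-18":
        return 400, "JSON-RPC batching was removed in 2025-06-18"
    return 200, version


if __name__ == "__main__":
    uri = "https://mcp.example.com/mcp"   # constructed sample values
    print(build_token_request("code123", "verifier", "https://app.example/cb", "client-1", uri))
    print(gate_request({}, '{"jsonrpc":"2.0","id":1,"method":"tools/list"}', {"aud": uri}, uri))
```

A request without the version header is handled as `2025-03-26`, so the batching rejection applies only to clients that declare `2025-06-18`.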

### Understanding MCP’s Role

The Model Context Protocol, MCP, represents Anthropic’s initiative in standardizing the provision of context and tools to Large Language Models (LLMs). MCP serves as a universal interface, akin to HTTP but for AI models, enabling seamless integration with diverse data sources and computational tools.

MCP eliminates the need for app-specific integrations by offering a host the ability to dynamically discover tools through `tools/list`, execute actions with `tools/call`, and receive structured responses. This design mirrors the concept of function-calling APIs, but operates cross-platform to accommodate various applications and services.

### Core Architecture of MCP

MCP is built upon a client-server framework, where multiple hosts can interface with several servers. The architecture consists of three crucial components:

- **MCP Hosts**: Application platforms like Claude Desktop, Cursor, or Windsurf, using MCP to access diverse data sources.
- **MCP Clients**: Specialized protocol clients that facilitate communication between the host and MCP server layers.
- **MCP Servers**: Simplified applications that expose specific capabilities, such as data retrieval, to hosts for execution.

MCP’s updated specification demonstrates significant strides toward becoming a cornerstone for secure, cross-platform interaction between hosts and AI models. Its latest version introduces substantial improvements that ensure robust security measures and streamlined interactions for a more efficient and secure data exchange experience.
