Skip to main content
  1. Writing/

The Month of MCP

·697 words
ai ai-tools developer-tools engineering security mcp model-context-protocol
Table of Contents

The past month for me was all about MCP. One trip to Seattle, and two to San Francisco later, I am happy to share that the MCP work is not pure hype - there’s a lot of work being put in by companies large and small, and of course, by Anthropic themselves.

Fog rolling over San Francisco, with Sutro Tower peeking through.
Fog rolling over San Francisco, with Sutro Tower peeking through.

Quick overview of all the chats #

At Build, we shared how developers can use MCP with the MCP C# SDK to quickly (and I mean quickly) bootstrap MCP servers. James Montemagno and Katie Savage have a great session for that (where I briefly made a cameo to talk about our work around MCP authorization):

At the same conference, I also sat down with James Montemagno, Toby Padilla (GitHub), and Harald Kirschner (Visual Studio Code) to talk about why MCP is here to stay (all community efforts are converging around it).

Fog rolling over San Francisco, with Sutro Tower peeking through.
Fog rolling over San Francisco, with Sutro Tower peeking through.

Then, at the MCP Developer Summit, I talked about how we’re thinking of implementing new authorization specification in the MCP C# SDK:

I also had the immense privilege to catch-up with some of the most awesome community folks, like Kent C. Dodds (Please Make Jarvis So I Don’t Have To), Laurie Voss (MCP vs ACP vs A2A: Comparing Agent Protocols), and Solomon Hykes (Typed Composition with MCP)!

Kent C. Dodds is as energetic in person as he is online.
Kent C. Dodds is as energetic in person as he is online.
Laurie had a _fantastic_ talk at MCP Developer Summit.
Laurie had a fantastic talk at MCP Developer Summit.
Bit starstruck here - big fan of Solomon's work with Docker and Dagger.
Bit starstruck here - big fan of Solomon’s work with Docker and Dagger.

The cool thing about the MCP Developer Summit was also the fact that I got to catch up MCP Steering Committee and Anthropic technical staff members - the familiar names for anyone who’s been digging through spec changes in the past few months, like David Soria Parra, Aaron Parecki, Ola Hungerford, and Darin McAdams.

And then, of course, at the AI Engineer World’s Fair, Julia Kasper and I talked about building secure MCP servers with the help of Azure API Management. The videos from those conversations will be available later.

Last but not least (and this just happened yesterday), I joined Olivia Guzzardo McVicker and Tyler Leonhardt (Visual Studio Code) to talk about the new authorization specification support in Visual Studio Code. That’s right, Visual Studio Code now fully supports the MCP specification, and that includes the new authorization draft spec.

So what’s ahead with MCP #

My focus has been on a very narrow area in MCP - security and authorization, so I can only really speak to that. The interest in building secure MCP servers and compliant clients is there across the spectrum. I’ve had multiple conversations with folks that work at both small companies just tinkering with MCP as well as enterprises that are looking to explore how MCP can help them make sense of all internal data and tools. In all cases they want concrete guidance and extensive toolchain support, which makes sense - security is hard, and nobody outside folks that work in security want to implement security controls from scratch.

The community is clearly also converging around MCP as the de-facto nexus for all sorts of primitives that Large Language Models (LLMs) need access to. It was the case at Build, it was also the case at MCP Developer Summit (very unbiased take, I know), and it was definitely the case at the AI Engineer World’s Fair. And it’s not just the enthusiasm - we see this reflected in the actual work being done across the ecosystem.

There’s more work to be done - we’re rolling out changes to the spec and security best practices, as well as changes to the SDKs (TypeScript SDK already supports the new auth spec, by the way, and C# support is coming). There’s a proposal out for enterprise authorization profiles, and we’re also fleshing out a draft for primitive authorization.

If you have any input, feel free to comment right in this blog post, or share your notes with me on Discord - I am a member of the MCP Community Working Group, hanging out in the #security-wg and #auth-wg channels.