MCP Turns One Year Old and Moves to the Agentic AI Foundation

Source material

Transcript

♪♪♪ Hey everyone, welcome to the Late in Space podcast.

This is Alessio from the Recurrent Lab and I'm joined by Squix, Editor of Late in Space.

Hey and here we are joined finally in the studio for the first time.

Welcome back, David from Entropic/MCP.

Yeah, hey, well, nice to finally talk to you in person.

Last time, like a year ago it was over VC and this is way fun.

I watched it back, it was eight months.

It's been a crazy eight months and I think we just celebrated like the one year anniversary of MCP.

Yes, we did.

At least the public announcement.

And also last night or yesterday was the Agentic AI.

On the Schonlöche launch.

Wow, yeah, that was nice.

It was nice to be in the Entropic office.

Yeah, you like it?

Yeah, it's very good food.

I would say in terms of my food bench, Entropic does rank over OpenAI.

Yeah, that's it.

At least that's what we have going for us.

Awesome, man.

Do you want to give just a quick overview of what's happening with MCP and how you're donating it to the Foundation?

And then we'll do kind of like a one year recap of the protocol itself.

And then we'll have the rest of the leads from the Foundation join us to do more of the high level.

Yeah, that sounds good.

Yeah, I mean, where we at at the moment, we have done like a year ago, we launched it and then we had this like crazy adoption over the last year now, which it felt like an eternity, honestly.

But we have this like crazy growth and like adoption, you know, through initially through like Thanksgiving and Christmas very early with a lot of like builders building MCP.

And then, you know, you had like the first big clients coming in like cursor and VS code.

And then like you had this like inflection point around April with like Sam Altman and Satya and Sundar and all posting about like MCP and that they're going to adopt MCP at Microsoft at Google at OpenAI.

And that was really like the big inflection point.

So, yeah.

But in all of the time, you also had to do a lot of work on the protocol itself.

I really like the we moved to be launched originally as like basically local only you could like the local MCP servers for cloud desktop.

But then we like in March this year, we moved into like how can you do remote MCP server to connect like really about like to a remote server and introduce like the first iteration of authentication.

And then in June, we revisited that and like improved it quite a little bit so that it works better for our, you know, for enterprises in particularly.

And we were very, very lucky that in that time for March, like June, we're like able to like have absolute industry leading experts that literally work on OAuth itself to help us with some of the pieces.

Right.

I mean, how to get it right.

And then we focused a lot of on like security best practices and this type of work.

And now we're like, I feel we have a really solid foundation and we're doing we just launched like in our end of like November, then the recent iteration of the protocol.

Finally, like the next bigger improvement to the protocol, which is like long running tasks to really allow for like deep research type of task and like, you know, maybe even agent to agent communication.

And so I think we're just stepping into like this territory now with like, OK, we have really solid foundations.

We have like one more big primitive we want to have.

We want to make like a little bit more scalability things work.

And then we're going to get into a phase where it probably becomes a bit more stable.

And so, yeah, it's been just been absolutely crazy.

You did say the agent to agent.

So there is a protocol.

I'm curious when the Agente engineering foundation got formed or just the Gentec Foundation.

Was there any discussion about any of these other protocols being a part of it or, you know, Sean wrote a post called YMCP one already.

So one of my favorite posts of it was already to go with it.

It was and it was before seven and all the other guys.

Yeah.

Yeah.

You were right.

Well, I mean, I think it was just obvious that was going to happen.

Yeah.

So yeah.

So we did we of course have conversations around like what is else in the market, like the payment protocols that are interesting and so on.

But when we wanted to start a foundation, we wanted to make sure, first of all, two things.

We want to start small and make sure that the group that is founding this like for us, it's the first time we have an open source foundation.

So this is all new to us.

We really want to start it small and making sure we're learning along the ways and being able to like like shepherd this and in the way we feel is best for for the industry together with with OpenAI and block.

But the second part of that is also like we really felt like we wanted to see things that have a lot of adoption or a factor like.

At least on the protocol side, like a de facto standard.

And I don't think any of the other protocols, it feels like they're not just there yet.

But of course, if they get there, then we are like super open as long as they're like complimentary to what's what's in the foundation.

On the application side, we're a little bit more flexible and we're like more open.

But on the protocol side, I think we really want to make sure that we're not like offering like the foundation doesn't encompasses like five protocols for the same like communication there.

And so, yeah, there was discussion, but I think for now we just want to start it small.

Is there a role like a double hat that you have now with the foundation or you've more focused on MCP?

I am still mostly focused on MCP.

It's a bit of a double hat.

So there is just like I think people need to understand like the foundation part is mostly just an umbrella to make sure the projects under it stay always neutral.

And I think that's really the most important part you want to get a lot of you know, want to understand because the rest of it is like, OK, how do we use the budget of the foundation for events and things that are like quite dry?

And then the technical parts to like MCP, they stay actually the same like on the on the way we govern MCP.

Nothing has really changed.

And so that's really still my job as the lead core maintainer of like shepherding the process, shepherding the protocol forward.

And then beyond that now, the additional double roll is like I'm also going to be on the technical steering committee of the foundation, which will like make sure to like figure out what are the projects we want to have in the foundation.

So if someone comes with a project to us, the people that have projects in it will decide is this something we would want?

Is this something that we feel is like well maintained as a lot of adoption is not going to go away?

We want to make sure the foundation is have like super interesting and important projects and not like a dumping ground like have, you know, some foundations might have ended up with.

That's true.

So we're going to meet some of the others later, but maybe we'll just focus back on the MCP development.

Yeah, you covered a lot.

There's been four spec releases.

There's a lot.

Yeah.

Some people may have missed some of them.

That's what I'm saying.

Right.

And I think it's really interesting how you continue to work on like really important parts.

Like I always think it's very hard to follow up a major success with a sequel because the sequel usually like is it's hard to repeat that impact.

But I think like every single time you've actually managed to focus on something important.

Yeah.

So maybe we can cover I guess maybe we'll start with the March May one, which is HTTP streaming, which is good.

And the off spec.

Yeah.

Any other I don't know if you want to highlight any others, but we'll just catch people up on that stuff.

Yeah.

So that that was I think that was really a that was such an important one.

Like it was the number one requested thing.

Yeah, it was like it really opened up this like remote thing.

And we were we already knew actually in December and November that the next big thing will be like, how can you do this over the over remote authentication is quite important.

One of the things I think people very rarely notice when it comes to MCP MCP is very, very prescriptive in like each layer.

Like other protocols are not like that, for example, like we like you want to do authentication if the client or the server don't know each other, you need to do all right.

And so we were very early.

We wanted to have like one way to do something.

And so we really focused on like, what does this mean?

Like, how do we get it over?

How do we build a protocol that has this like these streaming properties that we require?

And then how do we do authentication very early authentication in the first iteration?

I think we did an OK job, but we got some aspects wrong.

And most of them honestly were just me not understanding enterprises well enough.

But then again, I think the strength that we have with MCP, I think the one thing, if anything, I'm proud of is like building a community of people that can come together and help me figure it out because, you know, I have my set of experiences of like what I'm good at.

And enterprise authentication turns out is not one of them, right?

But they're way better suited people for that.

And so that's when we like, I feel that's more.

I saw I saw you post that, but I didn't really dig into the details.

Was it like the typical SAML type of authentication issue?

The main issue we did is in all there are two components.

There is an authentication server who gives you the token and then there's the resource server.

It takes the token and gives you the resource and return.

And in the first iteration of our authentic case respect, we combined them together into the MCP server, which if you were building unusable, yeah, it's kind of usable if you build like an MCP server like as like a like a public server as a startup, you're building a server for yourself.

You want to bind this to the accounts you already have that is completely usable.

The reality in enterprises is you don't authentic you authenticize with some central entity like, you know, you know, you have some ID provider IDP and you go off to an officer.

And yeah, for most people that what they don't even notice that's happening all they know is like, oh, in the morning, I'm going to go log in with Google for and they can access to all my work stuff.

But that's effectively the IDP.

Right.

And if you combine these into the same server, you just can't do this anymore.

And so all we needed to do is like, OK, we are a resource server, the MCP server is a resource server.

How you get the token from the authentication server?

We have opinions on how you should do it, but it's kind of separated.

And that's what happened then in the June spec where we separated this out and worked with all of these like, OK, you know, how do you do dynamic client registration on other aspects, which also were part of the March spec.

We can talk about that.

That's a whole other story of like we are actually pushing the boundaries of what a wall of can do with MCP because we're trying something very unique with MCP.

But yeah, that was that was the big part in in March, which we like.

And that was that authentication spec, the first iteration, then fixing it in June.

Yeah.

Wasn't a state of agents authenticating on my behalf?

Because even today with the O.I.

I still have to log into linear and whatnot.

Yeah.

Walth itself is for the most part a very human centric protocol.

It's just it just tells you how you obtain a token if you don't have a token.

Once you have a token, actually, it doesn't matter.

You just put it into the bearer token.

And so we are not very prescriptive of what like agent to agent authentication would look like or on behalf of agents.

They are ideas that we are looking into.

And I don't have all the specifics, but we are not prescriptive in the same way we are prescriptive as with O.I.

But you can't technically at the moment you have a token that might be like bound to like a workload identity or something like that.

Then you just can pass that still to the MCP server.

We're just not telling you how to obtain it just yet.

And so we're not prescriptive.

And so people do this and they can do it when particularly when they're within like an enterprise and have a somewhat closed ecosystem.

But if the client and the server don't know each other, we just don't have a good solution for now.

Yeah.

And then on the remote thing, you went from local servers like SSC and then streamable HTTP.

Any learnings you want to call out there?

Any regrets or learnings for others?

And then transport.

The one discussion has never stopped from the very beginning of the last year's about transport.

And we literally just spent the last two days at the Google offices with a bunch of like senior engineers from Google, Microsoft, AWS, and Throbic opening.

I just like what do we need to do here to really, really make this solid?

When we looked into MARC, we wanted to get a transport going that basically retains a lot of the properties we had from standard IO.

Because you really and I still believe just until today that the that MCP should also enable agents and agents are inherently somewhere stateful.

And there's some form of like long term communication going between like the client and the server.

And so we always looked for something like that.

We also knew that we looked into alternatives like, OK, what happens if you do WebSockets, for example?

And we have found a lot of issues with doing a proper bidirectional stream.

And we're like, OK, what is the right middle ground between having something that can be used in the simplest form that people do, like where they just want to provide a tool, but then is able to be upgraded to like a full bidirectional stream if you need it, because you really have like complex agents communicating with each other.

That's where streamable HTTP was born.

With that intent.

And I think there are some things that in retrospect, if we got right and something that we got wrong, I think we got right that we are really leaning just on standard HTTP in that regard.

We get wrong that we made a little things optional for the clients to do like you can.

The client can connect and open this return stream from the server, but it doesn't have to.

And the reality is, no client does it because it's all right.

And so a lot of the bidirectionality goes away.

And so features like elicitations and sampling are just not available to servers because they don't have that stream open because the client the client implementers like, yeah, that's the minimal viable project from product for me.

I don't have to do it.

And so that that became an issue.

So I think their lessons there.

The second part of the lessons is that the way we designed the protocol, the transport protocol requires some form of holding state on the server side.

And that is fine if you have one server, but the moment you scale this horizontally across multiple pods and like in containers or something like that.

Well, now if you get like true call and then elicitation and the elicitation result, you somehow require to like you might hit two different servers.

And you need to find a way to have these two servers somehow get this result together.

And you in effect, effectively need some form of shared like the Redis memcache, whatever you want.

Like something usually pops up or something like that.

Want to have like a shared state that you can like have.

And that's kind of OK.

And like we have seen this in PHP application and Python application being done.

But it's it's it's not fun if you do this at scale.

And we know from like some companies like the Googles of the world, the Microsoft of the world, they're doing MCP at a scale that I can't tell you the numbers, but it's like in the million of requests.

And so now it becomes a problem.

Right.

And somehow we're sitting here like, OK, how do you build an inspiration of the protocol that allows for basically these principles of like making it as simple as possible for simple MTP servers, but allow this full spectrum of like really bidirectional streaming if you need it, but also make it scalable.

And I think we're just allowed to find the right solutions.

But it's just it's complicated.

Yeah, because a lot of the technology today is really just it is very little like that.

People either do the simple thing and then you do like something like REST or you like a full bidi stream and then you're just going to do like WebSockets or like GRPC and so on.

And we need kind of both.

What is it like to be in that kind of meeting where you have all these impressive companies and everyone is senior and everyone has an opinion?

It's much fun.

I get to work with some of the best engineers in the industry like it's insane.

OK, well, who decides?

You know, usually usually there's.

We're trying to get to consensus like the reality is technically either side in the end of the day.

But I think that's more like a formalism in the end of the day.

What you're trying to do is just to really narrow down of like what's the what are the real problems we all agree on?

What are the things where we not necessarily agree on?

And what are the you know, and then within those bounds, like the best solution.

And it takes a while.

It takes a lot of iterations.

But it's it's so much honestly, it's so much fun because you get to see these unique problems on from the companies.

You see some of the identity of the companies in the problems themselves, right?

Like, you know, Google has a different set of problems like an Microsoft and and a lot of it comes from like just the ways of building things.

And then the problem from anthropic look different from the problem from open the eye.

But what I love about all of this is that everybody is that like sometimes you step back and like you sit in a room with all these competitive companies, but you're actually building something together.

And I love that.

I've been in open source for like twenty five years.

Yeah, it's very a lot of this kind of stuff.

And when a standard works, this is the idea.

And these people are all amazing.

I just learn from from all my peers so much.

I'm very grateful to be in the situation.

Yeah.

This reminds me of the IETF standards process.

Is there some discussion about how this works as a private group versus something more traditional?

It's an interesting one.

Like it does look a little bit like the idea of the idea of a very slightly different idea is like an open forum where everybody can go.

And the result of that, it's like the idea is very consensus based and by accident, not by like not necessarily because they want to be, but by accident quite slow in the processes, which is very good in many ways.

It cannot be undone.

Right.

Right.

Once it's once it's up.

Yeah.

And like, for example, when you look at like the walls, 2.1 spec, it's been in the works for like three years or four years and they're just not done with it.

Right.

And that's like that's the length of which IETF standardization works like these things can take a long, long time.

And I think that's good for certain pieces.

But I think in the eye at the moment, it's just so much fast moving.

You just you're somewhat forced to find a smaller group.

And so that's why we run MCP as like a really traditional open source project with like a core maintainer group of like eight people that basically decide everything and then like input from everybody else.

So we get input and people can make suggestions and we have a lot of the changes don't come from the commentators, but they're the ones that decided.

And that's like way more it's like a middle ground of being somewhat consensus based, but also somewhat like a bit of a dictatorship, which can be good if you want to move fast, which MCP wants to do at the moment.

How do you balance the influence of like the model improvements with how to shape the protocol?

Because obviously, you know, you have entropic in open eye, you guys are doing post training on these models to make them better tool calling and you have preferences on the shape of the protocol versus there's people that are not aware of like how you're structuring that.

So, yeah, do you like share some of these?

Like, does the protocol influence some of the model post training or like vice versa?

Maybe I'm not 100 percent familiar.

Like I'm I'm a product person.

I'm not fully familiar with everything we do on the research side for sure.

But it influences the post training in the sense that we're making use of things like the MCP Atlas that we are like having in our model card of like making sure that like we're taking this large set of tools in the wild and make sure that our models work with that.

But I think the primitives of the protocol, they're actually very rarely influenced by model improvements.

I think there is a sense that that we do anticipate the exponential that the models are on in terms of like improvement and that we're relying to some degree of mechanics that you can put into into the model training.

I'm going to get more concrete here.

So, for example, people have had long conversations around context build of MCP servers.

And that happens because MCP opens up the door to a lot of tools and if you may evenly take all the tools, throw them into the context window, you just get a lot of blood.

It will be the equivalent if you take all the skills, take all the markdown files and just throw them all into the context.

You will also have a lot of blood.

And but we already knew and I think we always knew that we knew that you can do something like progressive discovery.

And that's like a general principle thing of like you can give the model some information, let the model then decide to gain more information.

Right.

And of course, here is where we're like, you know, some of the foresight that we see because we are we are we are the model companies.

We know that we can train this if you wanted to.

And what the training does is just optimizes it.

The model can do it in principle already.

Right.

And you can any model can do it.

It does any type of tool calling.

But if you train the model for it, it's just better at it.

Right.

And so these things then go hand in hand.

And in a way.

But in the end of the day, the general mechanic of progressive discovery or this progressive discovery, that's just inherent to any type of model that can do any type of tool calling in the end of the day.

That makes sense.

Yeah.

Yeah.

And I think the context for that point is important.

And I think down there's the MCP versus code mode.

And then it's like, well, if entropic says code mode and entropic made MCP, maybe instead of as with the block was never actually called their code mode.

That's the welfare term.

That's it.

But yeah, but like people call it.

We call it pre-grammatic MCP and other color code.

But in the end of the day, what it boils down to is just like, OK, and here's the interesting part.

Like the first of all, MCP is a is a protocol between the eye application and like servers.

Right.

So the model is actually technically not involved in MCP.

And so now you have an application.

Go like, I have a bunch of tools.

What can I do with it?

And you can do the naive thing and go like, OK, I have tools.

I'll throw them into tools for the model.

And I call them.

But you can be more creative with it.

You can go in like, OK, all the really good writing code.

What if I take this and treat it like this, like API calls and you give it to the model and now the model generates code.

And what you effectively doing is this composability that the model would have done anyway by like call to lay, you know, get the result, go back to inference to call will be and then combine it into call free.

Now you all you've done is you let the model optimize it in advance and put them into a bunch of code that is just executed in a sandbox and go like call one, put it into two, put the results into three, get a result.

And all you've done is an optimization in the end of the day.

But the benefits of MCP of having authentication done for you, having something that is that is suited for the LLM, something that is automatic, that is discoverable and self documenting.

This thing has not gone away.

There's still MCP for you.

Right.

You're just using the different race.

I'm always a little bit confused when people go like, but MCP is why does it tell me that that does not that doesn't mean MCP is no, it's still just a different use.

Right.

And I think you will see evolutions as we're getting better of like how we use these models and the infrastructure around it gets a bit more mature.

You suddenly can assume that most model like AI applications will have some form of like sandboxing for execution.

You can do a lot more fun stuff like that, but I don't think that the value of like a protocol that connects the model to the outside world is gone because of it.

That makes sense.

I see it purely as an optimization, honestly, the token optimization.

This is a good time to bring up skills.

It's always so awesome.

So we are skills is a more recent concept.

Yeah.

We only bring it up because it's mentally linked in my mind to progressive disclosure and to adding preset code scripts and all that skills can also create skills, which is very fun.

Well, I think a lot of people are trying to place MCP versus skills.

Obviously, they're not overlapping.

But how do you view it?

Yeah, I agree.

I think that's the interesting part is like they're not overlapping.

I think they solve different things.

I think skills are super great.

And, you know, I think that the first that really like they're being built from the principle with progressive discovery.

But I think the mechanism of progressive discovery, that's just universal to any type of thing you can do with the model.

But what skills do they like to give you the domain knowledge for like a specific set of tasks like how you are, how you behave, how should the model behave as a data scientist or how should the model behave as an accountant or whatever.

But MCP gives you the connectiveness of the actual actions that you can take with the outside world.

And so I think they're somewhat orthogonal in like in terms of like the skills really gives you this domain knowledge is like kind of vertical and then like MCP gives you this horizontal of like, OK, you know, give me that one action.

And of course, skills can take actions.

They can take actions because you can have code and scripts in there.

And that's great.

But it has two interesting aspects that I think people got.

The first one is you need an execution environment.

So you need to use the way to execute your machine.

Yes.

And that's that's perfectly fine for, you know, if you like run a local like cloud code or something, then we can talk about like CLIs, for example, in those scenarios where you have like an execution environment, these things make a lot of sense.

And then it's great.

Or if you have a remote execution environment, then it makes a lot of sense.

But you still don't get authentication in that regard.

And so what I think MCP brings is the authentication piece.

It brings the piece that you don't have to like an external like person, like, for example, if you have like a linear MCP server, they can improve the server.

You don't have to deal with that in your skill.

Right.

It's not fixed in space.

And then the third part is that you don't necessarily need an execution environment because the execution environment is effectively somewhere else on the server.

And so if you build a web application or like like a mobile application, you these things come work better in some of these regards.

So I think they are orthogonal in that regard for the most part in there.

And I've seen some quite cool deployments where people use skills to explore of like different functions, different like, you know, the accountant and the engineer, the data scientist, and then use MCP servers to connect these skills to the actual like data sources within the company.

And I think that's actually a really fun model.

And I think that's the closest how I think about this.

Yeah.

So MCP is the connectivity layer.

I think it's the word that you choose.

A communication layer.

Communication layer.

Yeah.

So is it architecturally?

I'm wondering if it's like the MCP client inside of each skill or is there a shared client that can discover skills?

We do that as a shared one.

I think you technically want a bit more shared ones because you do.

The more shared you have, the better.

The more you can do like discovery things, you can do things like, OK, I have connection pooling, I have this, I can do automatic discovery of things.

I can even like, you know, in a skill, you might just very loosely describe what you want.

And I can look into the registry that I have access to and get an MCP server for you.

Right.

These things can you do, you can do when you do.

But I think both works in the end of the day.

Yeah.

But these are things to experiment with.

I do want to highlight for people who might have missed it.

You say we do.

Blah, blah, blah.

Actually, I think nobody understands enough how much entropic dog foods MCP.

And I only understood this when I watched John Welsh do his talk at the I.E. Where he was like, yeah, we have MCP gateway.

Everything goes through this.

Yeah.

And like, can you say more about that?

Yeah, I mean, you know, we use those.

We use a lot of like we use a lot of skills internally.

We use a lot of MCP servers internally because like we have it.

Obviously, you know, you want to make it very easy for people to deploy MCP.

You want to like have some form of integration with you, IDPs and so on.

So we have a gateway that we've built custom purpose for ourselves.

And you just got to like deploy MCP servers.

It is all internal apps.

It's all internal stuff.

Yeah.

Some of them are like external things like technically external things.

But in the lack of them offering a first party one, we have our own like we have a Slack MCP server, which I love to use that have cloud like summarize my slack for me.

And so there's quite a lot of usage for that.

Like we we have like an MCP server.

We're like we're doing like a semi biannual like survey, for example, around like how we how we feel like about the company about the future about AI about safety, these type of things.

And we have an MCP server for that.

And I can ask clock questions about the results, which is really fun.

Is it your team maintaining it?

No, we made any gateway.

But like I think one of the fun part is like when we started MCP, it was always like MCP before we even open source it.

It was born of the idea of like, I'm in a company that is growing crazy.

I'm in the development side of things, development, tooling sort of things.

I will grow slower than the rest.

How can I build something that they can all build for themselves?

And that's really the origin story of MCP.

And so it's fun to see a year later, like that's what's actually going on.

It's like people build MCP server for themselves.

I probably don't even know 90% of the MCP server said I'm probably because, you know, they might be in research and I might not even see them or I just don't know because people build for themselves.

But do they host it themselves?

Is there a remote?

They effectively have a command to launch it and just launches in like a QVOS cluster for them.

So it's like, partially managed.

Yeah, that's good info for anyone at a large company to build any platform.

There are platforms that offer that to you for us from a security perspective, we want to build these ourselves.

Like the person who built FastMCP, Jeremiah, like a company that offers FastMCP Cloud, which is a little bit like that.

You just like two commands and you have a running instance of an MCP server that talks stream over HTTP.

And then a lot of enterprises use things like Light LLM as a gateway.

And then they can even do like just launch standard IO servers, attach them to the gateway.

And the gateway does all the authentication, all the hard parts of MCP for them.

And so there's a lot of ways to do this.

But that's good infrastructure you really want to have is just like, make it trivial, make it like one command to just launch an MCP server that was a standard IO server and suddenly it's a stream over HTTP server with authentication integrated.

And you as a developer only had to do the standard IO part.

Yeah, I love calling that stuff out because people will take that and actually put this into their companies.

So yeah, otherwise, also the alternative is chaos.

Reinventing everything.

Shout out to Jeremiah.

Actually, I did invite him to do a workshop on FastMCP at my New York summit.

Yeah, he recently, a very great blog post about like a lot of the usage of MCP you actually seeing is in traveling companies.

And that's actually what we see at the moment too.

It's really cool.

Like in what companies?

Internally in companies.

In big enterprises, you see MCP everywhere.

And it's actually way growing way faster than you would think because it's mostly internal to companies and without people seeing it.

I'm about discovery.

So you launch a registry.

There were registry companies that were gateway companies.

The official registry now has other registries putting their own MCP hitting in your official registry.

We need more registries, man.

Just one more, bro.

One more.

Just yeah, what's the registry to rule them all?

Any learning from that?

Like launching a registry for like a new technology and like whether or not you know people like you know, smithereens one example, right?

If you go in the official registers like all the smithereens AI MCPs that you need to authenticate through them.

So it's kind of like just a pass through registry in a way.

How do you see how this is going to shake out?

I think we saw a lot of these like different registries come up and we really felt that there is a need for basically like an NPM, PyPy kind of approach to this where like there's one more central entity that is where everybody can publish an MCP server to.

And that's really where the original registry came from.

And we really wanted to make sure that at least we're encouraging the ecosystem to have a common standard of what these registries can talk to.

Because what we want to do, we want to live in a world where a model can auto select an MCP server from a registry, install it, and then for the given task that you have at hand, and then you just use it, right?

It should kind of feel magic.

But for that you need like some form of standardized interface.

And so we're going to do and that was really the inflection point of like, we started quite early working with the GitHub folks, even in April.

And then I got distracted with other things like authentication and work on that.

And so what I want to see, and I think where we slowly, but this is slowly adding is a world where we have the official registry where everybody can put the MCP server.

But this is the equivalent to an NPM, which has the exact same problems of an NPM.

Like everybody can put it there.

Basically, you don't know what to trust and what not to trust.

You have supply chain attacks.

These are just fundamental properties of public registries.

I mean, that's why we have this concept of sub registries, which then like the smithereens and others hopefully can do, where they can filter and curate on top of it.

And that's really the world we want to live in.

I don't think we're quite there yet, but we're slowly getting there.

Like the GitHub registry is curated after or speaks the same format as the official registry.

And so what we want is like, you as a company can have an internal registry that is a curated form of the official one, us maybe your own ones.

I mean, that's the one you trust and it speaks the same API than the official one.

And if you have like a VS code or anything else that wants to talk to a registry, you just connect it to yours and you're good to go.

And that's really what we want to do.

It's interesting because NPM in a way, it's almost like a download gateway.

It's like, I'm not really using NPM for discovery that often.

I don't go to NPM and search for packages.

It's kind of like I find them in other ways.

And yeah, I'm interested if you see like discovery is like a core piece of like the registry or like if you still assume that like there's going to be some other way that the agent discovers.

I do think discovery is important in the model world, but I think that's where it's different from NPM because we're building like something for AI first and we can assume there's an intelligent model that knows what it wants.

I think that's something that didn't exist before.

If you, maybe I don't know if you would build modern package management systems with models at heart, maybe you would do a similar approach of just like, here's what I want to build, just figure out, I don't care what packages you install, just do it.

I mean, that's the equivalent in the end of the day.

But again, with the public registry, you should probably not do this because it's a dumping run for everybody.

You want to do it against the curated, trusted registry.

I like your phrasing that the model knows what it wants.

Because I think that there's a dream that agents can use the MCP directories to discover new servers, install it for itself.

That seems like very AGI if it works, but it may not work.

And I wonder what needs to happen in order to do that.

I do think we need a good registry interface on one hand.

And then the second part is we need to build for this and see if it works and what.

We need trust levels, maybe.

You definitely need trust levels.

You need trust levels.

You might need some form of signatures, for example.

One of the ideas, I'm not sure if you're going to do it, it's just a random idea, but one of the ideas I always had is you can attach signatures from different model providers that have scammed this MCP server and say, "We trust this.

Here's the signature from Monthropy that these tool descriptions are safe.

And here's the signature from OpenAI that these are trusted by us."

And then you can decide, "Oh, wow."

So I think these distributed code signing.

It's not just really distributed.

It's just central in a way.

But I think this is the kind of stuff you will require.

But I think in the simplest form, what you can do, where you probably see it first, is in scenarios like internally to a company where you have inherent trust, because they will use a private registry.

They're effectively using private registries already for MPM.

They're using for PyPy, and they will also do it for MCP servers.

And there you have implicit trust, and then you can just search.

And I think that's really the interesting ground where we want to experiment.

And that's like, we have our internal registry effectively because when you launch like, we are John's infrastructure, like an MCP server, you get registered, right?

And so we need to go and experiment with that too.

Okay.

I actually wanted to also ask, you started running some events over in London.

Yeah.

You had the agents hackathon and you had Dev Summit that you called on your timeline.

Yeah.

I just wanted to get anecdotal stories of stuff you learned as you saw the community spring to life.

So we had two big summits this year, we had the MCP Dev Summit in San Francisco.

And the one in London too.

Yeah.

And the one in London.

And I think what you learn is a few things.

I think that the one thing is that you, that's very hard to get otherwise is just like these stories around how people use it internally in their companies.

And there you see some of the struggles, but you see also some of the success stories.

And one of the interesting bits that, which I really loved is like, particularly in London, you had a lot of financial people there because it's like failure of financial hub.

And it was actually the whole conference was in the financial district and learning just like the kind of problems of like things you need to enforce because you have legal contracts, because like financial like regulations.

These were things that were, that I did not know before.

And I learned a lot about like, okay, what does like a thing like an MCP like communication there need to look like if you have these like constraints that in a normal like development world doesn't exist.

Like I give you an example, like if you are in financial services, you're exposing some data.

That data might be coming from a third party.

And you must guarantee that you attribute that third party and it's a legal contract, right?

You must like they have declined this place that stated to you, it must tell you this came from this third party, right?

And these are constraints that just like in a normal model world don't really exist, right?

But like in a financial industry, this is like legally enforced.

And so these are the things you like, okay, how will this work in a world where I'm super far from MCP.

And so now that's when we like started like creating this financial services interest group that Bloomberg is heading up to like figure out like, what are some of the things that you like a client must do if it wants to speak to our financial services, MCP server, for example, and you know, what are the things that need to be respected.

And I think that's the kind of things you only learn on the ground in the conference is talking to people, right?

So I think there was some of these learnings there.

I think the other things that you just see is like just how many people are building and just the excitement and like the creativity that some people bring to this, like that I just love, right?

Like, and from areas you didn't expect, right?

Like I love the guys at Turkish Airlines, I just built like the Turkish Alliance MCP servers, you can search for flights and stuff like that.

So that was always fun.

I love when like people bring some really creative parts to the MCP ecosystem.

So I love these community when they come together, because you're just meeting things that are a little bit out of your bubble and I just get some input.

And I think there's a lot of learning there.

And so we're going to repeat it again, we're going to do New York in April, I think, or March or something like that.

And then we're going to do it again, six months later.

And I absolutely love that.

Any good sampling use cases that you found?

Not so much.

Okay.

Yeah.

And that's always the, like, you know, last time we talked about this.

You should use it more sampling a little bit, man.

Like we, I think one thing I learned from sampling, like everyone wants to use tools with sampling in tools that are not exposed via the MCP server.

Like when you want to do something, you want to have a set of new tools that you only want to use during that sample call.

And we just had no ability to do it.

And we just fixed this in this iteration.

And so we hope to see a little bit more, a bit more sampling use cases.

You will find every now and then an MCP server that does it, but particularly as MCP servers have moved away from more local to be more remote.

In remote cases, it's probably always better for you to bring an SDK because you have full control.

You can deploy it, you can deploy an API case and maybe even charge someone.

In a local case, where something is really powerful, because you're shipping something to a lot of people and you don't know what is there, what is the model that they've configured, what is the application they've plugged in.

It might be VS code, might be called desktop, right?

And in those cases, sampling is useful, but also like clients just don't support it.

So something is one of these things I'm like, I'm still sad about it.

I still think it's a very powerful idea, but you know, you got to, you got to win some, you got to lose some, you know.

No, no, no.

You're also, you know, upgrading it and, you know, my hopes are still up there.

I'm like, yeah, yeah, yeah.

Like my, in some ways, you know, when you get it right, this will be the real agent agent protocol.

Yes.

Yes.

Are most of the use cases that you see still data consumption?

That's been my use case for MCP.

Mostly it's like, yeah, it's context-adding, adding, getting data.

Well, the most action MCP takes is like update the linear task status.

Have you seen very complex, like MCP taking action workflows or are still people mostly using it for context?

Most people use it for context.

I think that's a vast majority of usage.

It is in the name, model context.

Yeah.

Yeah.

And Nick Cooper from OpenAI always keeps telling me rightfully so that the name MCP was probably a little bit poorly chosen because it feels it restricts it a little bit, which I agree with.

It's mostly data use cases.

I've seen like people doing deep research, I think people expose agents, so they are a little bit more complex, but it's not super common.

It's what people have to experiment with it.

Like the deep research use case, I think is a good one.

That's not too uncommon where people do like custom research for it.

But beyond that, yeah, most of it is really data.

Beyond data and deep research aspects, now you have also this new aspect where people expose like UI components through MCP UI or what we're going to call MCP apps in the future.

And I think that's super, super promising.

And I think that's really quite fun.

That's actually, you see a lot now with chat GPT apps with MCP UI in general that you see a lot.

Yeah.

And you have the tasks in the last year.

I mean, I'm curious because like if most use cases are like context and then you build tasks, it's almost like people are not really using it for tasks.

So here's like how you design it, like what you expect people to use.

We design tasks because we keep it come to us and go like, okay, we really want long running operation, which is basically agents.

We want like a long deep, deep research task that finishes in an hour.

We want tasks that like might not finish within the day.

And people have like awkwardly tried to do this with their tools.

And you can, because tools are effectively just an RPC interface at the end of the day, but it gets very quickly awkward because now the model needs to understand, oh, I need to pull this.

And it's just not very fun.

It's like, it's just not a first-class primitive and you run into a lot of limitations.

But it's come from the fact that people want to have a long running agents.

And that's like something we heard from so many areas and people trying to do this that we like, we really felt we needed to do something like tasks like GitHub issues from big companies.

Everybody was like, we need something that long running operation is really top of mind.

So I really think now we're going to see a lot of it now, but it's a little bit early to see how good it's going to go because it just landed in the S&P case and it needs to land in the clients and then we're going to see more of it.

But I will, I definitely, I think you will see a lot of the custom deep research parts with it and others.

Yeah, I'm very bullish on tasks.

I think it was very important to get right.

Basically, every orchestration or protocol needs, has a sync version and an async version.

Yeah, exactly.

It's an async version.

Any design choices that you want to call out that, you know, there were two directions and you picked one in just the overall design of tasks.

Yeah, in design, there was a lot of conversations like some were like, okay, is this just asynchronous tools?

Do we do a different primitives?

In the end of the day, it was important for me.

My litmus test for it was always, it needs to be able to like, if I want to expose something like Cloud Code or like any other like coding agent as an MCP server, hypothetically, this needs to work.

And a pure asynchronous tool call would just not do this.

You want some form of operation that can return, for example, intermediate results in the long term.

You want like, okay, I got to this result by calling this tool, this tool, this tool, I had this other input, I had this other tool, I did this and now this is the result, right?

That's really what you want to expose.

And task is early and it doesn't do that just yet, but it's built in a way that it will be generic enough to be able to support this.

That was the main constraint.

The other constraint was making sure it is, it's not a copy of tools where you can think about like, okay, we just do tools again, have slightly different semantics.

But instead, what it's doing is like, you can create a task by calling a tool with a certain set of metadata fields.

And then it automatically creates a task.

So the task itself is just the content of like a container that can...

It's a message.

It's exactly, yeah.

Like just like, you do something, I think, with a sleeve from starting here into any year.

And the thing we're doing is a tool call.

I mean, that opens the door to like, later plug in other things and maybe even other tasks.

Like observability as well.

Yeah, which is obviously going to be important.

So I think that was really the design goal, which makes it a little bit more abstract, a little bit more complicated to implement, but that goes away because the SDKs just do it for you.

And the SDK in the end of the day, you're just going to like, async call this and return something.

I mean, there you start to overlap with other async, like TRPC in JavaScript plan or, you know, whatever Go, protobuf stuff that Go people have.

Yeah.

In the end of the day, it's like, it's designed like a classic operating system interface.

Like you create a task, you pull it until it's done.

And then you can make an optimization, which we're going to do in the next round, which we didn't get around.

It's like, okay, instead of having to pull every minute or hour or whatever interval you choose, the server can call us, call you, like a web poke or something and go like, I'm done.

Right?

That's the optimization.

But the actual core interface is always that the client can pull.

And that's actually how like operating, our system operations and an operating system can work is like you pull, it has the file change, has the file changed.

But you can also use like a modern interface on the kernel, like I notify or something like that, or a Uring or something like that to tell you, oh, I'm done.

Right?

Yeah, the file has changed.

There's a trick I learned where like servers can hold the HTTP connection until it's done.

And then they terminate.

And that's the signal to, to the callback.

Yeah, which we do not necessarily want to do because it might take a few days.

And I don't want to have people.

It's very irresponsible.

It's cool.

Yeah, yeah, yeah.

Yeah, there are plenty of ways.

I think we were just going to go the web poke way, honestly.

Tasks are really interesting.

And we basically have to invent this.

When we did this, did like the Devon API, a cognition.

And I think that's also like, an interesting reinvention of like, well, everyone is going to need some kind of long running operation.

And this is well, when you're calling an agent, you also get this.

Yeah.

But the interesting part for us, I think what what MCP is always trying to MCP always tries to encapsulate what currently people trying to do.

And we not want to be prescriptive what you're supposed to do in a year from now.

We don't know, we don't predict.

We did tasks, because people like we need this now, right?

We needed this basically six months ago.

And we're like, okay, I guess now it's time to do this, right?

Instead of trying to do being predictive of the future, which is why we're trying to keep the protocol some more minimal and have, I think to some degree, achieved this all the other people would think already there's too many primitives in the protocol.

One minor thing.

And so let's say this is super long running tasks.

A lot of messages go back and forth.

And topic actually was a kind of leader in context compression or in compaction, maybe with this call it.

And I think a lot of the other labs also do the same thing.

Is there a way to handle that?

Or do we just statelessly sort of cut context and it's fine?

Do you need a full log of everything that happens?

Or no, you just asked about, yeah, right now.

No, you don't.

Like, I think we, I think they're just the thing, right?

We're very early in industry still.

We're learning a lot about like, what does the model date, what does not need, right?

And even today, like, some agents start to like, drop tool call results after a few rounds, because they don't need it anymore.

And I think that's very, very, very good.

And so I think besides compaction, you will see just better mechanics of like, understanding what you need and what you donate.

Like for a long asynchronous test, you might have a way where like, okay, maybe for a while the model sees it, but once you get the result, you just drop everything else.

Or you might even call like a small model, like a Heiko model and go like, what all this I shall retain, you tell me, right?

Like, you might be like the AGI approach, where we just like, let the model figure out what it needs to retain, right?

And so you can, you can see both worlds in them.

And I think there's just lots to learn.

I think there's not the one answer yet, because I think we're still figuring these type of things out.

And we're just improving and compaction, compaction is a good step for it.

But I don't think it's the last step there either.

It is actually the most obvious one.

But I don't think it's like, I think if you pay more attention to it, if you particularly think about like, okay, what could you train a model to do here?

I think we get to much better ways of doing that.

But they're all like independent from how you obtain the context.

And I think MCP I always see is like back to like, it's an application layer protocol.

That's just how you obtain the context, how you select the context that the problem for the application, and that's the problem all the agent applications will have in the end of the day.

And there will be a lot of different techniques.

A year ago, everybody would have told you it's rag style stuff, but not probably dead, right?

And now we do use models, we use compaction.

So I don't know what's going to happen in a year from now.

Cool.

SL.

Around MCP is another question I had is like, how do you see them as being used by developers to build AI apps versus being a protocol for AI consumers to plug things in?

I think that's one of the main things people get wrong, where it's like, well, I can just use a REST API, what do I need MCP?

And to me, it's almost like, it's not really for the developers to use is for like, people using AI tools to just plug things in.

SL.

I get the comparison with the REST API is quite a lot.

And I think there's interest, it's funny enough, because there's two problems in general.

Like the first one is, REST does not tell you what to do with an authentication.

The second part is already complains to me about like, tool bloat.

Have you looked at like the average open API spec lengths?

If you put that into a model, like you will have a lot of bloat there too, right?

Actually way worse.

And funny enough, when people try to like map one-to-one things, often the model gets slightly confused because you have like search by name, search by ID, search by something, right?

And like, suddenly you have like five tools that look very similar to each other.

And the model goes like, which one do you want, right?

I have no clue anymore.

So anyway, that side note to REST versus MCP.

But I do think MCP, I want to live in a world where it's like very, like much like a consumer focused thing, but something consumers shouldn't know about.

For them, what I want is, I want a world where you go to your application, you say, do this, and it should just do the thing.

And it should just connect with the right services that MCP is under the hood is a detail, or that the developer needed to know about, because that's the communication channel that they're talking.

But in the end of the day, you just get your tasks done, right?

And I actually prefer a world where nobody of like, my mom should not know what MCP is, right?

If she wants to use cloud, right?

But I do think it's very focused on that plugability of like an external like service, and in that regard more like on the consumer focused side.

And there are still use cases for developers in general, like, first of all, as builders, but also like I still love my playwright MCP server, man.

Yeah, but I thought our developer tool, the new Chrome one is like the new, right?

The new meta.

I also understand like for developers, right, like that run like cloud code locally, you know, like things that he lies can be better approach, right, for some degree.

And that's okay.

I'm curious about the MCP apps UI, with what you're talking about, where it's like, every client like chat GPT has their own, right?

So it's like, if I'm used to the MCP app of this product, but then if I go and chat GPT, there's like a different version that they curated.

It's kind of like a different experience.

So I'm curious how you feel about that?

Like, do you feel especially now that you open it up in the foundation, right?

You feel like all of this will be MCP backed in the same structure?

There's two influences, right?

Like MCP UI existed as a project, which had a lot of really good ideas.

I'm opening, I took some of them and really improved upon them.

And now one thing we just announced three weeks ago on the MCP blog is that we're actually working with all all two of them together to build like a common standard.

And so we're really hoping that we're getting back to the world where you build for one platform and you can use it across all of them.

You build for chat GPT and you might be able to use it in Claude or in the Goos or whatever it might be that the program of your choice that implements this.

But I think the general problem is what we have is I think that there are certain problems.

Like if you think about a modern AI application, everything is very text-based and that's okay.

It's nice, but there's things that as a human, you're just way better suited to go in visual.

The most basic example is you want to book a flight, seat selection.

You want to do seat selection in text.

It's like, here's the 25 seats you have available.

Nobody wants to do that.

I have no clue where these seats are even.

That's shoe-based drawing.

Yeah, I love it.

Of course you want an application that you can select with or it might be like a theater that you want to book for or something like that.

It's so obvious that you do want to have some form of an application in the user interface that the model can navigate and that the model can interact with, but you as a human can also interact with it at the same time.

I think that's what we're looking for.

I think it's just this next situation of building richer interfaces because the pure text interface is just somewhat limited and there's very natural things.

You see this in music production, you will see it off course, or you will have certain brands that will deeply care about presenting their interface.

Shopping is a good example.

Shopping has 20 years of A/B testing.

What's the best way to sell you something?

Shopping interfaces are super complicated.

You just want a way for displaying that to the user so that it's familiar to them and that they can interact with it.

That's what MCP apps is in the end of the day.

Yeah.

Technical direction wise, is the iFrame?

Yeah, it's an iFrame.

You are serving basically raw HTML over an MCP resource.

It goes into an iFrame and then it talks to the outside where post messages over a specific interface.

Because it's raw HTML and you're not really loading some external content, you can analyze it in advance if you wanted to with security.

Because you have an iFrame, the external application can just speak a very clear security-bounded.

This has been in browsers forever.

I think that I'm scared of it only because I hate course issues.

Yeah.

And iFrame is always a course issue.

Yeah, but this again, this does not load anything externally.

It should not.

There probably are restrictions that we then iterate and iterate and then in five years maybe it has not 25 course headers and whatnot.

Whatever, right?

But I think we're starting small again.

It's like pure raw HTML.

You should probably not have external references.

We don't run into these issues, but you're right.

And can I inherit styles?

No, in this iFrame.

Yeah, I think you need to put it in line.

Yeah, you will want it.

I feel like this is really minor, but you are people who care about this.

Yeah.

Which is you have it should look like chat GPT.

Yeah.

Yeah, like the chat GPT should look clogged and it's just like clogged.

I think that's a very good question.

I'm 100% agree with you like brands and others who are deeply, deeply care about it.

Designers.

Oh, 100%.

And that's something we need to figure out and that's where you need to get it out of the door and see how people use it and then iterate on it.

That's why I don't think it should be iFrame long term.

I don't know what the solution is.

Okay.

But like we need like new iFrame that lets some permeability because of this stuff.

Well, I think they're sensible.

Yes.

Well, I don't know.

But the other solution to the problem is the iGIPold approach of why just give it a tool that says, give me a style sheet and the model can call you and tell you what you're supposed to look like.

Okay.

Should an MCP app be know what it's being used, what the parent application is, is, you know what I mean?

It might be like the application also exposes tools, right?

That the model is free to call it.

Right.

Right.

Right.

Okay.

So maybe standard is an interface for people to pass down styles.

Maybe.

Yeah.

Amazing.

I don't know, but it's a very good astrology.

Let me ask the team.

I'm just like, I'm mostly right directionally there.

I'm like not in the ways of doing everything there.

Yeah.

It seems like a little bit of a surprise to me.

I never really paid any attention to MCP UI.

And then suddenly you guys all adopted it.

I was like, okay, well, I guess this is a part of MCP now.

Yeah.

And it went from a purely backend concern to now front end.

It's also like notable as technically an extension to MCP.

Like it's not MCP, MCP.

That's a pure technicality because it's a governance thing, right?

Yeah.

It's mostly like if you are a client that can render HTML, then you might want to consider implementing it, but you're still an MCP client if you don't.

And the reality is, it's like your average CLI agent can't do it, right?

So they will never do it.

And so I think that's fine.

Are there any other extensions that are similar?

We kind of look into like financial services as an extension.

We're like, okay, you might, you might end up in a world where a year from now there might be clients.

And have like certifications that they are an amp and get like a signature that they are like financial services, MCP clients, and they can prove it with a server.

And only then the server allows connections because it knows they are respecting attributions, these daily contracts that you put into place.

And you will see this everywhere.

You will, if you want to deal in the long run with a public service and public clients that do like deal with HIPAA data, like financial, like healthcare data, you will have to have guarantees.

Isn't it part of just auth or?

Not necessarily.

Like I gave you an example.

Like if I have the client might need to have five servers installed.

And if there's one healthcare server, that healthcare server might tell you, you are not allowed in this session to use any of the other MCP servers because this data I'm giving you cannot leave you, right?

You must guarantee that this data doesn't go anywhere else because it's HIPAA data, because it's financial data, whatever it might be.

This is a good example.

And that might be some of the enforcements you need to do because you just like, you don't want to have your or your social security number or your healthcare data show up in your backseat.

Awesome.

We're going to transition and have the rest of the AAF group join.

But any final call to action, like either, you know, people that should join your team, people that should contribute to the MCP spec or anything else.

I think the most important part is still building with MCP on a day to day basis for people to just go out, build really good MCP servers.

I think we see a lot of mediocre MCP services.

I mean, some very, very good ones.

And just building good MCP servers, looking at like how to use them.

I think that's super important.

The second aspect to that is like, we're a fully open community and we're running it as a traditional open source project that is based purely on like what people are able to put in terms of effort and time.

And so just like being an active part, like either giving us feedback, being in the Discord channel, talking with us, giving us ideas, while also just helping us implementing like the TypeScript SDKs, the Python SDKs, you're always looking for a new SDKs, right?

Like we have active go SDK development, but like we don't have a Haskell SDK.

I don't know if you're a Haskell developer or maybe you want to write it, right?

Yeah, there you go.

And so I think there's a bunch of stuff we can do and be part of it.

And I think I don't understand how much you can just be part of the community, but also just like going build.

And I think there's so much opportunity now, particularly to build like amazing clients, now that we have understood progressive discovery better, now that we have understood code mode better.

There's just this next iteration of clients to build and the next iteration of servers to build that I'm just looking forward for people to do.

Yeah.

My last question or call out is, I wanted people to hear directly from you.

I sense the energy.

I'm very excited by everything that you're doing.

But a lot of people are anxious about joining the MCP, joining the Linux Foundation.

They're like, Oh, is this an topic taking its eye off the ball?

Can you address those concerns?

Yeah, I love that you asked me that.

Like I think, yeah, I can totally see why people think that, but like, it's actually quite the opposite.

Like the commitment of anthropic is the same, right?

I'm still, we still have the same people I'm helping with the SDKs.

We're still super committed in our products to MCP.

I'm still the lead core maintainer.

Nothing has actually changed.

What really is the main part of the foundation is like two things.

The number one is like making sure that the whole industry knows that this will stay forever open, that this cannot be taken away.

And there have been, there have been like anthropic would never do this, I think, but there have been histories of like companies going like taking an open source project and suddenly making a proprietary again.

We have protocols that are proprietary.

Look at HDMI, look at like what's the problems of HDMI and Linux?

What's on HDMI?

HDMI 2.1, the HDMI form does not want to allow the AMD to develop open source Linux drivers for HDMI 2.1.

Really?

There's some, look it up.

Wow.

So, you know, there's people like keep a very close tap on it.

And what this does is like, no, this is now owned by a neutral entity.

It will always stay open.

You can use the word MCP.

Nobody's going to sue you over it.

So there's a bunch of that just giving the ecosystem and the industry that confidence that this stays neutral.

I think that's important.

The second part of that is that I think one thing if anything, I'm the most proud of is that I think we have set the tone for open standards in the in the industry and being able to now use that momentum to build like community in a space where people can come and bring really well done, well supported, well maintained projects and have them part of this foundation.

I think that's the other part to that.

But the funny part is like our bar for the foundation is going to be like it needs to be like really well maintained.

It's not like you're taking the ball off.

It's actually exactly that what we don't want.

And so we will not do that for us.

MCP is still core to the product and still super important and a topic.

And so we still just as much as committed as we've ever been.

Amazing.

Awesome.

Thanks for joining David.

And we're here in the studio with core team members of AAF.

It's the biggest panel we've ever had on the podcast.

So welcome, guys.

Maybe we'll go left to right and introduce everyone and also identify the voices for people listening on audio.

I'll start.

I'm Jim Zemelin.

I'm the CEO of the Linux Foundation.

I've been working there 22 years and I was the person who helped facilitate the launch of the foundation, but take no credit for any of the technology work that's to my left.

I'm Nick Cooper from OpenAI.

I've been there just over two years now, I think.

I'm generally OpenAI's head of a lot of protocol things and very interested in the open ecosystem and our representative for AAF as well as a core contributor to NCP.

What's another protocol that might form an umbrella?

Agents and just in general, not just the protocols, but also the product experiences of where OpenAI products intersect with other SaaS provider things and other systems.

I'm David Zoriapara.

I am working at Anthropic, member of technical staff there.

I'm the co-creator of NCP and yeah, Anthropic mostly lead all the NCP efforts.

Great.

And I'm Brad.

I'm the principal engineer at Block.

So by day, I build AI products and by night, I work on open source like Goose and I'm the original author of Goose.

It's great to see everybody come together.

I think when I heard about the news, I didn't really expect it.

I wasn't on my bingo car.

So maybe let's have a little bit of inside baseball.

So you obviously have OpenAI and Anthropic and yesterday at the launch event, you were joking on how you didn't know that the two companies even talked to each other.

And then yeah, how did the conversation start?

The conversation started out of two things.

The first one is that on the MCP side, we always knew that we wanted to find a neutral home for MCP to make sure that the industry understands that this stays open, that this is something safe to adopt.

And then very early in the process, as we were looking around like what to do about this, should this be a project in a foundation, should this be inside its own foundation, which is like these common patterns you see for this kind of work.

And we got approached by our friends at Block to discuss because they were looking into donating Goose, I think at the time.

And so there was a question around doing something together.

And then we approached OpenAI and they were very, very welcoming and very open to the idea as well.

And it slowly looked formed.

And I think, you know, at the time from this, it's like a few months, these things are not happening out of thin air in like a week or so.

And so just a lot of conversation, like what do we want to do?

What are the kind of like constraints we want to have?

And what is the thing we want to build?

And of course, we were looking for where to put this kind of stuff.

And that's where the Linux Foundation comes in as, I think, the biggest foundation of its kind and certainly has like decades of experience helping companies through a process like this.

I'm building what is technically called a directed fund within the Linux Foundation to build these kind of things out.

I think David said basically all the story from my side as well, which is so we saw this like need to connect systems and then MCP gained such very large developer traction.

And we at OpenAI were very excited to like, use and then contribute and actively participate in this.

And from my point of view, it was always very natural that this would grow into something bigger and move to a neutral place.

And like, MCP has always been like a foundation for like communication between agents and contacts.

In a similar way, the agentic foundation is, well, it's a foundation.

But also it's like the starting point where we really look forward to other contributions like starting with Goose, our own agents MD, where we're really open for like a lot of technical contributions to build out like a full agentic ecosystem.

I'm curious, Jim, you know, I've been to the Linux Foundation events before I spoke to them.

It's almost like it's an MCP so early that like how do you even structure in a way?

I'm curious, because so many of the technologies that the foundation supports are kind of like core pillars of infrastructure and the internet.

This is probably like the youngest technology that you brought in as a foundation.

What are the goals of it?

Yeah, I mean, I think what's interesting here is even though it's young, I think if you, I think AI years are kind of like dog years.

Absolutely.

Do you use this metaphor?

But yeah, totally.

This is why I run three conferences a year.

Yeah, exactly.

You can't do annual.

I think last night someone was asking, what do you see a year from now?

And I'm like, well, if I dial the clock back a year, would I have anticipated where we're at right now?

There's no way.

And so I think part of the thing with MCP is that we're just living in this kind of dog years velocity.

In the past, I think things took a lot more time to pull it less.

And what is clear is that a lot of people are adopting MCP, see it in commercial products that companies are rolling out, you see a lot of usage in the enterprise already.

And there are still is a ways to go in terms of the technology becoming mature.

But I think the same thing held in internet protocols, you know, that took a little bit longer to mature and the internet matured over time.

But I think the thing I'm most excited about, it's becoming clear that MCP will be a key protocol for this technology movement.

And I think, you know, David and these folks were all pretty wise to realize that, you know, if internet protocols had been owned by a single entity, you'd still be calling it American online, America online.

It wouldn't work.

And I think that this has got all of the underpinnings to be a huge movement.

At the Linux Foundation, we asked three questions for every project.

Will this be meaningful and impactful for industry and society?

The second question is, do you need more than one organization to collaborate to do it?

Otherwise, you don't need us.

In this case, clearly, we've got that.

And three, can we get the resources and build an ecosystem around it and 50 companies on day one, you know, a huge set of folks in line to participate in my L inbox, I'm sure your guys are too, is like full in 24 hours.

How do I participate?

We want to contribute.

How do I get in there?

I've never seen that kind of inbound interest starting any project at the Linux Foundation in 22 years.

How do you pick?

You got all these people reaching out, you know, there's good and bad?

It's a really good question.

I think it's like how to pick how we expand the foundation itself from a governance standpoint, but also like technical contributions and how can the foundation best support them as well.

That's like really top of my mind.

It's like the first thing we need to like define some structure and work out what we like how to bring it all together.

But I think even before like those details, there's such value in establishing this one forum that people can come to, like even having a list of eager technical participants and potential opportunities.

That's a huge opportunity in front of us to like distill what's truly meaningful to developers users and everyone.

And very appreciated the Linux Foundation reacting is like it's sort of a galvanizing rod for this like attention.

Brad, on the sort of block and goose side, it's an interesting the involvement that you guys have had in the sort of engagement that you guys have had.

What was your calculus in joining the AIF?

So for us, I think it's like in developing something like goose, I think the thing that I see it as being part of this umbrella is it's the most concrete piece.

So you can actually like download goose and use it in a way that you can download in ages MD.

Like what are those parts do together without having something that actually like connected to clients, like a real client.

And there's, I think a lot of value in that because when you get into the protocol space, you want to add things to it.

But you have to actually show like what is enabling like why are you making the protocol wider and putting it into like a reference implementation shows you like, oh, it's giving this value to people like very concretely.

And I think there's some like, for example, there's like a spec for MCP MCP apps that is brand new.

And we've been working on MCP UI for goose.

Yeah, so goose has been like kind of a day one partner with the MCP UI team.

And so now we've had MCP apps will go we have opened an issue today about how we're going to go get that into goose.

And so that's something where people I think you hear something abstract like that, like what is send it what is the server sending an iframe to the client like do and I think goose is a place where you can see it like, okay, you're going to build a dashboard or you're going to have this enhanced chat experience.

And so this is something where I think we collaborate more and more to say like this is what it looks like and how you look at some of these abstract things and make a grip.

Yeah, I think the other tidbit here maybe like back to the history of both MCP and goose is like goose was the first open source agent interface or agent that reached out to us and worked with us to integrate MCP.

And I think Brad is actually like technically the first non-anthropic contributor to MCP ever on like Beethu or something like that like very, very early.

So this goes all the way back to like November last year to like the partnership of having MCP inside goose.

Yeah, we had a version of goose that was still you can go check the GitHub history.

It was there a little bit before MCP came out and we were sitting there with like a plug-in ecosystem who were like this is awful.

Like why would anyone come develop a plug-in just for goose?

But we saw all these opportunities and so we started talking to anthropic and we were like I think that there's a space here for a protocol and they're like well let me tell you about and it was really cool to see you know what the zigzag site.

No, no, we didn't.

We reached out before we heard the zag thing and so we were like okay like yes we just want to like we want to pile on to something that has a chance of succeeding because as like a client it's like an ecosystem right?

Like the more people who are using it you get more value as a client than as a server because you know your servers are going to work with any client and then as a client you know you have this like giant library of servers and so that's been like a big part of what goose does is that it's not really like it is a coding tool.

People use it as a coding tool but you can turn off the code part and you can just connect to any MCP server and so it can be like operating like you know a science experiment I've seen that or like just like Google Docs or whatever and I think that it kind of shows you how MCP goes beyond just like the back coding space.

Yeah, I think as well it's also the fact that this concrete is so important like for all these standards like there's a long history of standards throughout computing that like people like proactively write a standard and then when you know the it's actually tried out it has problems.

Yeah but like for MCP and like all these new agentic standards we're coming with we really want demonstrated utility like what the most common thing on the call committee is like as a proposal and we come back to people saying like have you tried it out does it work?

The protocol is about communication so if you're trying something out you need collaborators and you need like concrete open source projects like goose and you need clients you need a variety of servers because it's only with that sort of open ecosystem they can meaningfully understand if this is actually going to work.

I totally agree with that I mean I think the world of standards and open source development are disemerging right you sort of could develop these things together.

I think I was trying to figure out whether David is Vint Surf or Linus Torvalds for agents and I think maybe it's a little more it leans a little more Vint Surf and then maybe Ghost is a little more Apache web server and my whole Linus part kind of falls apart at that point but you do need something substantive to try the protocols out in order to make sure you know how to improve them that's that feedback loop that's so critical.

The OpenAI also has a coding agent that is open source.

I think what's the thinking there apart from like well would Codex ever be donated to AIF we just don't know yet.

I think the short answer is we don't know yet but like it's sort of like a feedback loop which is in this open ecosystem like we don't want to have too much alignment all on like one implementation one thing there's like real value to users and developers or whoever's the participant to like active competition in some parts so there's this balance of like we need openness to foster like collaboration and experimentation but like I would like to see a variety of coding agents and each one might deliver unique value different value and be free to explore independently so it is sort of like a careful balance here this bit of like a taste making approach to like contribute things that benefit from being open like agents and ease an example which is open up any github repository it has this file that works the same way like if everyone sort of did their own thing there that's very low value potentially damaging but um so there's commonality value whereas for actual concrete implementations and projects it's great to have reference implementations in many ways or experimental grounds like goose but I really favor a huge variety of them because that way we'll see what comes to be the best is there a roadmap for what you want to add for example the agenda commerce protocol like chudgy video already uses but that's not a part of it um there's no model as a part of the foundation um do you already have a roadmap or like you said you're just kind of like going month by month seeing what are people using and what should be in there I think we don't have a roadmap in the sense of like projects lined up but I think what we have is principles by which we will select products um to some degree and I think the effort here is mostly around sitting together after the note that the foundation is created and then evolving these principles as we're seeing people going to ask us about the projects they would want to put in um and then develop the foundation um further as time goes but at the moment I think the most important part is that we have the principles in place and then um you go and having the conversations with people who want to uh be part of this foundation one principle that like really comes to mind to me is um composability like I often use the analogy of like lego blocks sort of thing which is egentic systems are a sum of many many parks and so like something that I hope the foundation can evolve to do is have these like interoperable composable bits that all work together pinkly and so we don't have a roadmap of like future contributions but like I welcome all contributions that play nice with other contributions and like really create this potentially like a future flexible open egentic stack to be like not a universal agent but an agent that suits everyone's purpose on the eight yeah it's tricky you got it's a hard and these guys have the harder job of early in innovation cycle you don't want to restrict innovation by saying like oh well this is the one you know versus that one but you also don't want to let every single random thing you know into an organization like this and so I do think you need this tastemaking is a good way to describe it where a group of you know elite architects and developers you know folks like the three people sitting next to me are more curating and you know some some things can work some things might not but there needs to be a process which I think we'll define uh to do that that curation um that happens via tastemakers and and it's more of a not just more but essentially a technical effort not something where a committee of you know folks from vendors get together and say well my product should be in this roadmap and that guy's product should be in this roadmap that tends to not be very successful and which leads to this other principle that we really want projects that are have all those traction that are well maintained that that have um that are very very healthy in the foundation I think that's super important to us right yeah I think like you're looking for something to have already found a niche and to be established because you don't really want to be pushing like a speculative architecture you really want to be embracing something that already works and so I think a lot of the stuff that we're talking about like payments or like kind of uh I I really enjoy the like interface to model architectures I think those are really interesting but it's not yet obvious that that pattern needs to exist and so that's something where we can go see it and like try to make it work um in some projects and then come bring that back if it really has a role and then on the opposite what's my incentive to bring my project you I have a project with adoption is well maintained it's healthy what's the benefit that I get from um donating to the foundation I mean I can start that but I'd love to hear from these guys as well I think what you all technology is an implicit futures contract right and so you know if there's technology that has traction and uh that traction sort of wants to be built upon having that technology at a neutral place like the agentic AI foundation where the whole industry is making decisions about how to invest and when I mean it when I say investment I don't mean like becoming a member of the foundation because you don't need to become a member to participate on the technical side it's decisions about hey I'm gonna you know assign 10 of my company's engineers to co-develop this with your organization the contributing organization and you know the that's a way that we can all essentially co-develop together and that will provide better support more development velocity higher code quality because more people are participating in it and that's a massive incentive if you know you want your technology to actually be used and adopted in industry and get more feedback and kind of a positive feedback loop of great project that gets great products in the market that market feedback then you know allows companies to make money off of them they then pay engineers to improve the project better products more profits better project and you know that's the incentive uh which is pretty high one co-ed out of technical this sort of spin which is none of these things that built on a vacuum like all these projects build on lessons and learnings or practical code from other projects and that's a big opportunity like any technical technical contribution will bring its own unique value to the foundation at the same time it then gets to learn the lessons that all the other participants in the foundation do and like i found it really valuable over this past year working with david and others on the mcp committee about like it's actually that communication thing that makes our ideas more robust makes the implementation better we can be sure it's secure and safe and actually works this requires communication and that sort of the foundation is the natural like town square put this in the way i think so one last angle on this i think if if you're working on a standard or a protocol this is such an obvious decision right like the value in the protocol is about how many people are adopting it so being a part of this like gets you that reach but i will say as someone who's working on a client and not a protocol i think there's value there too right like we want this to be part of the foundation because we like develop these ideas together to your point and so it makes it better like we're donating goose because we think it's going to make it a higher quality tool i actually have a follow-up question on just the lf side lf has many other funds and and and organizations including data data and ai foundation as well as like dedicated like pytorch and all the other ones um i guess why a new foundation well because everyone's special no i i think that the way we look at uh in this space and you know i'll put aside the projects in semiconductor tech and operating system and stuff but in ai we think of it sort of like how the market has evolved you know it started with tools like pytorch and you know that the transformer tech that is used to create llms the the linux foundation kind of took a pass on a like frontier model world because in the open source space having connection to an intern the internet and some intelligence and a computer that sort of entry in the world of frontier llms it's a computer connection to the internet some intelligence two billion dollars with the gpu's and a ton of data harder for consortiums to do that kind of work so pass uh then you look at how you know reasoning models have come out need to be you know in inference world things need to be scalable okay now you've got interesting technology vllm ray things like that they have to be deployed on something kubernetes is sort of that these are all distinct components agents are a distinct enough set of technology that it merits its own community separate from d n a yeah because like a pytorch dev isn't really doing a ton of stuff in agent land right you know somebody working on dockling maybe is a little more adjacent right but not quite the same as somebody who's uh like working on transformer tech or vllm and so they are logical categories i mean sometimes stuff comes in over time and you know we sort things out later we had early on in the telecommunications sector you know a software defined networking effort a network function virtualization organization orchestration effort a whole bunch of stuff uh all separate nes and uh they i was like let's just bring all these things together because the technology is now mature we're taking all this money in but we don't really need the resources anymore because the market's already mature and so it took me a year to get all these companies to decide to bring all these things together and not pay all these separate fees and have all these separate orgs i have a little folder in my inbox that says you know convincing people not to give me money but in this world i think it's a different kind of audience i think it's narrow enough i think it's specific enough to agents where it merits its own entity i think as well it um dovetails somewhat with the earlier thought like with the taste making aspect to this for these organizations to be effective they really need a focus like something that brings them together and ultimately like you can imagine an alternative where we snowball and there's only the linux foundation as this uber do everything remotely connected to a computer and that wouldn't be that effective so there's a taste making here as well which is going to be focused on the genteck systems and how they connect together and the gender ki foundation but like everything's about growth and evolution so there's a possibility that later down the line we recognize some natural affinity there's something new something old and then they can be brought together but the focus helps the beginning certainly what's going to be the actionable outcomes so obviously you have the funds to direct i know a lot of the linux foundation does events there's also like eventually like certification things like that yeah what's the split of the foundation investments is a lot of it going back to different projects individually is that about the community building and then from people that have not been involved from the outside it's like there just seems like a nice blog post and a bunch of logos but like in reality how are things kind of the action yeah i mean 50 companies coming into fund a bunch of blog posts seems like overkill right exactly um so i think there's a couple of things one the intellectual property assets now are owned by this entity that entity is responsible for making sure that you know that ip is managed effectively that licenses are complied with that intellectual property problems are dealt with some funding goes to that there's a leadership function where you know to help bring consensus across the industry and within developer communities you have to have a special kind of someone to do that and i think they need to be technically knowledgeable but humble enough to know that they're that the community is the one who makes the technical decisions so kind of just you know sort of lead through influence to kind of help people organize things effectively so you hire some people to do that you hire people to do like developer outreach community engagement because you want more developers coming into the community so funding to go to that and then there's a huge convening function the linux foundation hosts 50 000 plus uh virtual meetings a year so we have this like i think we're probably like one of the largest users of zoom i know for sure we're the largest slack user in the world and so that convening function is is critically important make it as seamless and easy as possible to convene and then yeah we we hold events because i think you know to your point developer engagement face to face being the town square where you physically get together means something so i think you guys have been to kubecon you know we have easily 10 000 people that come to that conference twice a year in europe this summer there were 13 000 folks there who you know come in and they exchange ideas the core maintainers get together and make real decisions and then the last thing we spend resources on and you can go even just check these out for some of our other projects is we have a whole platform that enables you know maintainers to look at their community and and understand you know like what's our velocity how many developers are we adding like what's the social media scuttlebutt around this project uh what are leading indicators of adoption how's our security uh doing like you know do we have good practices about application security and those are all things that we you know invest in to help make these communities you know better commercially adopted so that we get that positive feedback loop of like adoption that gets more investment in the form of developers providing input and that that virtuous cycle kicks off that's where the funding goes for these kind of things i put in that question into our doc because it says is a directed fund so my cheeky question is well what are you directing them to so i mean that's it's kind of so directive fund gets into like the the nerdiness of this yeah so but it's the reason we structure it that way is somebody has to own everything the linux foundation is actually ownership vehicle and remember we separate technical governance from the governance of actually how money gets spent because we don't want this sort of pay-to-play aspect of technology that tends to screw everything up and so the directed fund is really like you know real stakeholders who really care about this tech put money in and use it in a way to help build the market and the community and all the things i just talked about and just let developers do what they're super good at get together solve tough problems be you know tastemakers that that's something that we separate yeah i think there's a great essay by rich haggy who created closure about open source it's not about you just because something in open source i don't owe the response to your issue until pro quest and i think some of the worry sometimes that people have about the groups is like well you know if not you're a part of this thing am i supposed to also listen to your thing and implement the thing that you said so i think that's going to be a super interesting thing in a technology that is so new you know i feel like everybody because there's so much venture money in like early stage companies and like obviously the foundation model labs raised so much money that they need to be on top of it there's a lot more pressure i think from the community to try and be a part of it and like put their stake and be like yeah we've contributed that or whatnot so i just think it's like a unique compared to like the cncf for example where the hyperscalers are kind of like around the clouds and we all know what those workloads look like and like nobody's really trying to influence there's not like a open AI preferred thing versus like an anthropic preferred thing but it wasn't it wasn't always so so when we started cncf i got a call from i think it was urs holtzel and brian stevens who were over at google yeah it was 2014 i want to say and uh you know they're competing well they had they weren't even competing they weren't in the cloud business and they wanted to be in that business amazon was you know hosting virtual machines on ec2 and they were the de facto leader they said we will give away kubernetes which was kind of the borg and they renamed it kubernetes uh to the linux foundation and we you know because we've never run a virtual machine we think containers are a better way to scale cloud applications we'll give you this tech and and it'll be helpful to us if the entire industry adopts containers and kubernetes as the way to build and deploy applications so that was the strategy out of google uh and they contributed some serious ip that we all know today is awesome but at the time remember mezos was still a thing like paz was still a thing right like you know heroku cloud foundry even open stack like virtual machines were still kind of the things it wasn't clear what the abstraction layer for cloud computing was but once the market started sort of piling on to kubernetes you know like oh now microsoft joined cloud native computing foundation they're investing in kubernetes and creating kubernetes services oh wait amazon's now investing this then the consensus was really coming and built up here i think there's a somewhat similar situation here with the caveat of saying like 10 times faster right like just day one so much momentum around mcp so much interest in this and then also 10 years of cncf to sort of teach the developer community and the vendor community how to do this well where you know investment is not mutually exclusive to great technical outcomes i think has been super positive so i think this is going to move super fast awesome um we don't want to keep you guys too long i'm sure you've been on a media tour this week what's maybe from each of you like one thing you look forward in the new year from the foundation so i don't really know what it's going to look like that i really look forward to like the next step like as david mentioned like it's being months of development and discussion or whatever to bring us to this and there's this sense of i guess relief achievement that's like you know you made a foundation we're collaborating we created this open space it's great but the what next i'm super excited for the next technical contribution for the first aaf event or night or conference or whatever form that ends up taking because there's another world where like bodies and foundations are created and then like eventually they get forgotten and this is not that this is really a beginning and so i want to see it be healthy and grow and i just don't know what comes next so i'm most excited to see that in the new year yeah i think you're most excited like if i really take a neutral look at like what just happened in the industry was creating this it's like you have ugle microsoft amazon um uh block lumbar cloudfare open air anthropic just a platinum member create a foundation i think it's like this is actually quite quite cool and quite substantial and now it's just like now we have this like starting point of like what can we do with this and and to Nick's point we don't i think there's a lot of like things we don't know yet and like things we need to figure out like for anthropic this is the first big foundation um we're creating and we have to learn a lot here um but i think it's just such an interesting like starting point and i'm just super excited for these like new when you when you start something new like what you can build with it and it's it's in a way of building something that i'm not familiar with so i'm super excited to learn about this and seeing what we can do with with this like i feel like quite unique vehicle now and like really driving the agent like ai um open source community forward and focusing on what we're some of these companies who are very competitive with each other have coming around and where we can build things together that is just benefiting and uplifting every user in the market and every developer in the market every builder in the market significantly that's what i'm really excited about um to see i definitely agree with both i think there's a lot of like opportunity to figure out what the structure does but let me give you something more specific that i think is like already in in coming up which is i i want to see how agents become asynchronous and i'm really tired of like reading through chat sessions and i and i want this to be a thing where i can go have like 20 agents working for me and actually see that come together so i think that mcp is starting to like approach that answer and then we want to like figure out how to make those reference implementations and show people how they can actually get like another order of magnitude out of what ai can do for them you don't enjoy pressing yes every five approve every every three seconds bypass bypass dangerously skip permission yeah i turned it off i'm with you on that one i think what i look forward to is you know the success stories of you know the the organization that's implemented agentic technology in that way and hearing how it really impacted their business i'm looking forward to stories about mcp startups that made a ton of money i'm looking forward to stories uh like like in cncf this year uh cvs pharmacy joined the cloud major computing foundation right like a you know a pharmacy company that's really a user and adopter of technology sort of you know the late majority i think we're going to start seeing organizations really really use this tech impactfully provide feedback back to the community and like it it just the potential of the technology i don't need to tell this crowd how huge it is but we'll start to see that truly manifest that that is going to be cool well thank you all so much for joining and congrats on the launch thank you thanks for giving us