Model Context Protocol (MCP) Update: Enhanced Security and Functionality
The Model Context Protocol (MCP) has released a new version with key updates including: removal of support for JSON-RPC batching; addition of support for structured tool output; classification of MCP servers as OAuth Resource Servers with added protected resource metadata to discover the corresponding Authorization server; requiring MCP clients to implement Resource Indicators as described in RFC 8707 to prevent malicious servers from obtaining access tokens; clarification of security considerations and best practices in the authorization spec and a new security best practices page; addition of support for elicitation, enabling servers to request additional information from users during interactions; addition of support for resource links in tool call results; requiring the negotiated protocol version to be specified via MCP-Protocol-Version header in subsequent requests when using HTTP; changing SHOULD to MUST in Lifecycle Operation; and other schema changes such as adding a _meta field to additional interface types, adding a context field to CompletionRequest, and adding a title field for human-friendly display names. The full changelog is available on GitHub.