Cookie Consent

I use cookies to understand how my website is used. This data is collected and processed directly by me, not shared with any third parties, and helps us improve our services. See my privacy and cookie policies for more details.

MCP Registry Architecture

Version 1.5 · 19 March 2026

Github: repo Paper: v1.5

This paper proposes a lightweight, deployable architecture for solving the agent discovery problem in Model Context Protocol (MCP) ecosystems. The core proposal is a DNS-based convention — an _mcp TXT record — that points any compliant AI agent to an organisation’s MCP registry. DNS-based discovery is not new: MX, SRV, _dmarc, and WebFinger all use the same pattern. The novelty here is the specific convention for MCP, the design decision to make the registry itself an MCP server (requiring no special client code), and a fully serverless reference implementation.

No novel infrastructure is required. The proposal composes existing, operationally proven technologies into a governance-first discovery layer that any organisation can deploy in a day and run for under $5 per month at typical registry volumes.

What the Paper Covers

Download

The paper is available in PDF, Markdown, and Word formats from the companion GitHub repository:

github.com/mariothomas/mcp-dns-registry

Versions

VersionDateStatusChanges
1.025 February 2026PublishedInitial publication.
1.127 February 2026PublishedAdded Section 2.3 — What This Proposal Does Not Solve — clarifying that the _mcp DNS record addresses discovery only, and that authentication, authorisation, and tool capability enumeration are explicitly out of scope for the DNS layer.
1.228 February 2026PublishedExtended Section 7.4 to address registry-level content filtering as a mitigation for prompt injection attacks, drawing on the DNS reputation services analogy. Added Section 10.6 — Agent Peer Discovery: A Natural Extension — sketching the /.well-known/mcp peer discovery model, referencing WebRTC and data mesh parallels, and positioning direct agent capability advertisement as a complementary layer to the registry architecture. Acknowledgements section added.
1.32 March 2026PublishedExtended Section 8.1 to document path-based and subdomain-based registry URL patterns as equally compliant implementation approaches, with trade-offs for each. Updated SPEC.md accordingly.
1.42 March 2026PublishedUpdated Section 8.1 to reflect that the reference implementation at mcp.mariothomas.com uses path-based routing. Updated Section 8.4 and 8.5 to use correct filename index.js and handler index.handler. Rewrote Section 12 in present tense to reflect live deployment, confirmed GitHub repository URL, and noted path-based routing pattern used in the reference implementation.
1.4.13 March 2026PublishedAdded copyright notice. No content changes.
1.519 March 2026PublishedExpanded Section 2.3 to include the explicit 255-byte DNS TXT record constraint as the hard technical rationale for the pointer-not-container design decision. Added version field to Section 5.4 DynamoDB schema for semantic versioning of registry entries, with accompanying field description distinguishing it from protocol_version. Added Section 5.7 — The Read Path: Audit Trail — making explicit that CloudFront and Lambda@Edge logs provide a queryable record of every agent access. Added Section 7.5 — Context Window Constraints in Large Registries — noting this as a known limitation and recommending aggressive use of capability_filter, concise server entries, and pagination at scale. Acknowledgements updated to reflect feedback from Cole Johnston.

Reference Implementation

A working implementation is live at mcp.mariothomas.com, including a queryable _mcp DNS record, a fully functional registry, and three MCP servers — public articles, public locations, and private documents with signed-URL retrieval. Source code is available in the GitHub repository.

Feedback and Collaboration

This is a discussion draft. Feedback, critique, and alternative implementations are welcomed — particularly on the DNS convention itself and on non-AWS implementations. Open an issue or discussion in the GitHub repository, or get in touch directly here.



Mario Thomas

About Me

I'm a Chartered Director and Fellow of the Institute of Directors (IoD) with three decades bridging software engineering, entrepreneurial leadership, and enterprise transformation. As Head of Applied AI & Emerging Technology Strategy at Amazon Web Services (AWS), I lead how AWS enables its global field organisation and clients to accelerate AI adoption and navigate continuous technological disruption.

An alumnus of the London School of Economics and guest lecturer on the LSE Data Science & AI for Executives programme, I partner with Boards and executive teams to develop the strategic fluency and governance disciplines needed to scale advanced technologies responsibly.

My frameworks — the AI Stages of Adoption (AISA), Five Pillars of AI Capability, and Well-Advised — are adopted internationally in enterprise engagements and cited by professional bodies including the IoD.

This work has enabled organisations to move AI from experimentation to enterprise-scale impact, shaping responsible adoption practice across multiple sectors and geographies.

I'm an AWS Certified Cloud Practitioner I'm an AWS Certified AI Practitioner I'm an AWS Certified AI Practitioner Early Adopter

What I'm Currently Reading

Cover of The Visual Display of Quantitative Information

Tufte's seminal work on data graphics remains essential reading for anyone communicating insights to boards and executives - a masterclass in clarity, integrity, and the art of making complex data instantly comprehensible. See what else I've been reading.

What I Write About

Copyright © 2003-2026 Mario Thomas