Why These Two Protocols Won the Standards War

Why These Two Protocols Won the Standards War

The protocol landscape looked chaotic in early 2025. Anthropic's MCP was gaining traction for tool access. Google's A2A promised agent coordination. Smaller players pushed ACP (Agent Communication Protocol) and ANP (Agent Network Protocol). The arXiv survey from May 2025 counted four major competing standards [5].

The breakthrough came when builders realized these weren't competing protocols—they were complementary layers. As ISG analyst David Menninger put it: "MCP first for sharing context; then A2A for dynamic interaction among agents" [1].

MCP, open-sourced by Anthropic in November 2024 and donated to the Linux Foundation in December 2025, handles the "agent-to-tool" layer. It standardizes how AI agents access APIs, databases, file systems, and external services through a clean JSON-RPC 2.0 interface [1][3].

A2A, launched by Google in April 2025 and donated to open governance by June 2025, manages the "agent-to-agent" layer. It handles discovery, coordination, task delegation, and cross-vendor orchestration [4][7].

The division of labor is elegant: MCP connects agents to the world, A2A connects agents to each other.

MCP: Your Foundation Layer for Tool Access

Start with MCP. Every major platform now supports MCP servers, and with over 10,000 servers in the wild, you're not building infrastructure—you're plugging into it [1].

MCP's architecture is deliberately simple: client-server JSON-RPC 2.0 over HTTP/SSE (Server-Sent Events). Agents act as clients, tools expose MCP servers. The protocol handles three core primitives: resources (data access), tools (function calls), and prompts (context templates) [3][8].

The real power emerges in enterprise deployments. At Tyson Foods, MCP servers connect AI agents to inventory systems, supply chain APIs, and production databases. Adobe uses MCP to orchestrate creative workflows across multiple AI models and design tools [1].

Implementation tip: Don't build custom MCP servers unless you absolutely have to. The ecosystem is mature enough that most enterprise needs are covered by existing servers. Focus your engineering effort on the business logic, not the plumbing.

Security happens at the MCP layer through Agent Cards—standardized identity and capability declarations that travel with each request. Think of them as JWT tokens for AI agents, carrying authentication, authorization, and audit trails [1].

A2A: Orchestrating Agent Swarms at Scale

Once your agents can reliably access tools through MCP, A2A handles the coordination complexity. This is where multi-agent systems graduate from demos to production.

A2A solves three hard problems: agent discovery (how do agents find each other?), task delegation (how do you break complex work into agent-sized chunks?), and cross-vendor orchestration (how do Anthropic, OpenAI, and Google agents collaborate?) [4][7].

The protocol is stateless by design, using HTTP as the transport layer with standardized message formats for negotiation, task assignment, and result aggregation. Unlike earlier agent communication attempts, A2A doesn't try to be a messaging system—it's a coordination protocol [2][7].

Real-world example: A Nordic logistics company uses A2A to orchestrate demand forecasting. One agent pulls sales data (via MCP), another runs ML models (via MCP), a third generates reports (via MCP), and A2A coordinates the handoffs, error handling, and retry logic.

The key insight: A2A isn't about agents talking to each other constantly. It's about agents knowing when and how to delegate work. Most agent interactions are brief coordination messages, not extended conversations.

The Phased Implementation Roadmap That Actually Works

The arXiv survey from May 2025 proposed a four-phase adoption path: MCP → ACP → A2A → ANP [5]. In practice, successful deployments skip the middle steps and go straight to MCP + A2A.

Phase 1: MCP Foundation (Weeks 1-4) Start with a single agent accessing 2-3 critical tools through MCP servers. Focus on reliability, error handling, and monitoring. Don't scale until this works perfectly.

Phase 2: Multi-Tool Integration (Weeks 5-8) Add more MCP servers. Build your Agent Card security model. Establish logging and audit trails. This phase breaks most implementations—invest in observability.

Phase 3: A2A Coordination (Weeks 9-12) Introduce a second agent. Use A2A for simple task delegation. Start with synchronous handoffs before attempting parallel execution.

Phase 4: Production Orchestration (Weeks 13+) Scale to multiple agents, complex workflows, and cross-vendor scenarios. This is where the real business value emerges, but only if phases 1-3 are rock solid.

Critical insight from Nordic deployments: Teams that try to implement MCP and A2A simultaneously fail. The protocols are complementary, but the implementation complexity is multiplicative.

Security and Governance: Agent Cards and Trust Boundaries

Enterprise AI orchestration fails without proper security models. The MCP + A2A stack addresses this through Agent Cards—standardized identity documents that carry authentication, capabilities, and audit context [1].

Agent Cards solve the "confused deputy" problem in multi-agent systems. When Agent A asks Agent B to perform a task via A2A, Agent B knows exactly what Agent A is authorized to request, what data it can access, and how to log the interaction for compliance.

Trust boundaries matter. In practice, most enterprises run MCP servers within their security perimeter and use A2A for coordination across trust zones. Internal agents communicate freely via A2A, but external agent interactions require explicit approval workflows.

The stateless design of both protocols helps with security auditing. Every agent interaction is a discrete HTTP request with full context in the Agent Card. No hidden state, no persistent connections that can leak data across security boundaries.

Nordic perspective: GDPR compliance is significantly easier with MCP + A2A because data lineage is explicit. You can trace exactly which agent accessed what data, when, and for what purpose.

Common Orchestration Pitfalls and How to Avoid Them

Two years of production deployments have revealed predictable failure modes. Here's what breaks and how to prevent it.

Pitfall 1: Circular Dependencies Agent A delegates to Agent B, which delegates back to Agent A. The A2A protocol doesn't prevent this—your orchestration logic must. Solution: explicit task hierarchies and delegation depth limits.

Pitfall 2: MCP Server Overload Popular MCP servers become bottlenecks when multiple agents hammer them simultaneously. Solution: connection pooling, rate limiting, and circuit breakers at the MCP client level.

Pitfall 3: Error Propagation Cascades One failing agent brings down the entire workflow. Solution: bulkhead patterns in A2A coordination, with graceful degradation when agents become unavailable.

Pitfall 4: Agent Card Bloat Teams pack too much context into Agent Cards, creating performance and security issues. Solution: minimal cards with just-in-time privilege escalation when needed.

The most dangerous pitfall: treating agents like microservices. Agents are probabilistic, not deterministic. Your orchestration patterns must account for uncertainty, not eliminate it.

What Changes When AI Builds the Software

The MCP + A2A stack represents something deeper than protocol standardization. It's the infrastructure layer for a world where AI systems compose themselves dynamically rather than being pre-programmed by humans.

Traditional software orchestration assumes you know the workflow in advance. Kubernetes orchestrates containers, but the containers and their relationships are defined at deploy time. MCP + A2A enables runtime composition—agents discovering capabilities, negotiating task distribution, and adapting to changing requirements without human intervention.

This shifts the builder's role from "programming workflows" to "designing constraints." You don't tell agents exactly what to do; you give them tools (via MCP), coordination mechanisms (via A2A), and boundaries (via Agent Cards). The actual work emerges from agent interactions.

The Nordic enterprises we work with are already seeing this shift. Their AI systems handle supply chain disruptions, customer service escalations, and financial reporting with minimal human oversight. Not because the systems are perfectly programmed, but because they can reprogram themselves within safe boundaries.

The post-code era isn't about eliminating programmers—it's about elevating them from instruction writers to system designers. Code becomes free when AI can generate it. Judgment about what systems to build, how they should behave, and what constraints they should respect—that's where human expertise remains irreplaceable.

Sources

1. https://www.digitalapplied.com/blog/ai-agent-protocol-ecosystem-map-2026-mcp-a2a-acp-ucp
2. https://dev.to/pockit_tools/mcp-vs-a2a-the-complete-guide-to-ai-agent-protocols-in-2026-30li
3. https://auth0.com/blog/mcp-vs-a2a/
4. https://developers.googleblog.com/en/a2a-a-new-era-of-agent-interoperability/
5. https://arxiv.org/html/2505.02279v1
6. https://philippdubach.com/posts/mcp-vs-a2a-in-2026-how-the-ai-protocol-war-ends/
7. https://atlan.com/know/google-a2a-protocol/
8. https://zylos.ai/research/2026-02-15-agent-to-agent-communication-protocols/