Did you read the spec? Everything you said is already a recommendation.
I think recommendation != being enforceably part of it or being implemented.
There are a lot of great recs in the docs but I wrote this based on what I actually saw in the wild. I definitely don't think it's all on the spec to solve these.
You didn't read the spec. And you didn't mention Stdio. Stdio is secure and that's what is used by Claude Desktop, the first MCP client, and they don't support SSE yet. Since the start, SSE was set as a draft and there was a long discussion over the authentication implementation; the first round already got defined and the second is defined again.
I saw a lot of articles since MCP was buzzing, same claims, copy & paste. And the post shows a lot of confusion about what MCP is and what MCP does.