MUST support XACML 2.0 [XACML2] request-response contexts for authorization queries
MAY support other versions of XACML
MAY support XACML policy language
MUST support XACML SAML Authorization Query extension [XACML2SAML] in order to allow policies to be dynamically passed to the PDP
All communication between the PEP and PDP will be using SOAP based XACML SAML profile. This profile is mostly independent of rules language. Thus the PERMIS and trust and reputation language specificity will be mostly contained within the PDPs themselves. The only exception is the obligation vocabulary which must be understood by the distributed Obligations Services and therefore needs to be standardised. This is a major effort that has already been started in the TAS3 project. On the other hand, the sticky policies, which will be passed over the wire in the protocol exchange, will be engineered such that they transparently pass from the data store to the appropriate field of the XACML request without the PEP proper really having to understand them.