Microsoft's directory team forced to reconsider ignored standards - Would I love to see Microsoft embrace XACML? Absolutely! Reality though says that XACML is not part of the directory service. XACML does have a play in being incorporated directly into enterprise applications. I would love to see Microsoft build XACML support into SQL Server by replacing grant/revoke semantics as well as putting into Sharepoint. Of course, for Microsoft to get it right, requires them to hire an authorization czar like Kim Cameron is for identity.
XACML, identity management, Microsoft