Translations:ReleaseNotes/Kilo/67/en


 * The "assignment" backend has been split into a "resource" backend (containing domains, projects, and roles) and an "assignment" backend, containing the authorization mapping model.
 * Added support for trust redelegation. If allowed when the trust is initially created, a trustee can redelegate the roles from the trust via another trust.
 * Added support for explicitly requesting an unscoped token from Keystone, even if the user has a  attribute set.
 * Deployers may now opt into disallowing the re-scoping of scoped tokens by setting  in.