diff --git a/.github/workflows/buf-ci.yaml b/.github/workflows/buf-ci.yaml
index 31de594..ec7307c 100644
--- a/.github/workflows/buf-ci.yaml
+++ b/.github/workflows/buf-ci.yaml
@@ -26,7 +26,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Install buf uses: bufbuild/buf-action@v1
diff --git a/LICENSE b/LICENSE
index 1a8c5cb..b571f48 100644
--- a/LICENSE
+++ b/LICENSE
@@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2023 Aserto AuthZEN WG + Copyright (c) 2025 The OpenID Foundation (https://openid.github.io/authzen/#appendix-D) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
diff --git a/buf.lock b/buf.lock
index 95ba90a..4b95c5a 100644
--- a/buf.lock
+++ b/buf.lock
@@ -2,8 +2,8 @@ version: v2 deps: - name: buf.build/googleapis/googleapis - commit: 546238c53f7340c6a2a6099fb863bc1b - digest: b5:e017bbf31a3f912e2b969c03c3aa711f466cfe104f510865d1a8ede1be490240aabd4cca5865459a0f15222747284395f98afc094b0fd086e8917a5a7bdd9db0 + commit: 72c8614f3bd0466ea67931ef2c43d608 + digest: b5:13efeea24e633fd45327390bdee941207a8727e96cf01affb84c1e4100fd8f48a42bbd508df11930cd2884629bafad685df1ac3111bc78cdaefcd38c9371c6b1 - name: buf.build/grpc-ecosystem/grpc-gateway commit: 4c5ba75caaf84e928b7137ae5c18c26a digest: b5:c113e62fb3b29289af785866cae062b55ec8ae19ab3f08f3004098928fbca657730a06810b2012951294326b95669547194fa84476b9e9b688d4f8bf77a0691d
diff --git a/makefile b/makefile
index 2e223e8..630306d 100644
--- a/makefile
+++ b/makefile
@@ -9,12 +9,12 @@ ATTN_COLOR := \033[33;01m OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') ARCH := $(shell uname -m | tr '[:upper:]' '[:lower:]') -EXT_DIR := ./.ext +EXT_DIR := ${PWD}/.ext EXT_BIN_DIR := ${EXT_DIR}/bin EXT_TMP_DIR := ${EXT_DIR}/tmp -SVU_VER := 3.2.3 -BUF_VER := 1.54.0 +SVU_VER := 3.3.0 +BUF_VER := 1.59.0 PROJECT := access
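Review bot: `EXT_DIR := ${PWD}/.ext` in the makefile hunk takes the directory from the inherited `PWD` environment variable, which make neither sets nor updates; under `make -C <dir>`, or when the caller's `PWD` is unset, `EXT_DIR` no longer points into the project (an empty `PWD` yields `/.ext`). Later recipes write downloaded tools into `${EXT_BIN_DIR}` and execute them from there, so the path should come from make itself: `EXT_DIR := $(CURDIR)/.ext`.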
@@ -27,7 +27,7 @@ BUF_LATEST := $(shell ${EXT_BIN_DIR}/buf registry module label list ${BU BUF_BIN_DIR := ./bin BUF_BIN_IMAGE := "${PROJECT}.bin" -RELEASE_TAG := $$(${EXT_BIN_DIR}/svu) +RELEASE_TAG := $$(${EXT_BIN_DIR}/svu current) .DEFAULT_GOAL := buf-build
@@ -93,20 +93,22 @@ ${EXT_BIN_DIR}/buf: ${EXT_BIN_DIR} @chmod +x ${EXT_BIN_DIR}/buf @${EXT_BIN_DIR}/buf --version -${EXT_BIN_DIR}/svu: install-svu-${OS} - @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" - @chmod +x ${EXT_BIN_DIR}/svu - @${EXT_BIN_DIR}/svu --version +${EXT_BIN_DIR}/buf: install-buf -install-svu-darwin: ${EXT_TMP_DIR} ${EXT_BIN_DIR} +.PHONY: install-buf +install-buf: ${EXT_BIN_DIR} @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" - @gh release download v${SVU_VER} --repo https://github.com/caarlos0/svu --pattern "svu_${SVU_VER}_${OS}_all.tar.gz" --output "${EXT_TMP_DIR}/svu.tar.gz" --clobber - @tar -xvf ${EXT_TMP_DIR}/svu.tar.gz --directory ${EXT_BIN_DIR} svu &> /dev/null + @gh release download v${BUF_VER} --repo https://github.com/bufbuild/buf --pattern "buf-$$(uname -s)-$$(uname -m)" --output "${EXT_BIN_DIR}/buf" --clobber + @chmod +x ${EXT_BIN_DIR}/buf + @${EXT_BIN_DIR}/buf --version + +${EXT_BIN_DIR}/svu: install-svu -install-svu-linux: ${EXT_TMP_DIR} ${EXT_BIN_DIR} +.PHONY: install-svu +install-svu: ${EXT_BIN_DIR} ${EXT_TMP_DIR} @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" - @gh release download v${SVU_VER} --repo https://github.com/caarlos0/svu --pattern "svu_${SVU_VER}_${OS}_${ARCH}.tar.gz" --output "${EXT_TMP_DIR}/svu.tar.gz" --clobber - @tar -xvf ${EXT_TMP_DIR}/svu.tar.gz --directory ${EXT_BIN_DIR} svu &> /dev/null + @GOBIN=${EXT_BIN_DIR} go install github.com/caarlos0/svu/v3@v${SVU_VER} + @${EXT_BIN_DIR}/svu --version .PHONY: clean clean:
diff --git a/proto/access/v1/access.proto b/proto/access/v1/access.proto
index 5ceef03..582dee2 100644
--- a/proto/access/v1/access.proto
+++ b/proto/access/v1/access.proto
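Review bot: The new `install-buf` recipe in the `-93,20` hunk downloads a release binary with `gh release download`, marks it executable and runs it without checking it against a known digest; `BUF_VER` names a release but does not fix the bytes that arrive. I would verify the file before the `chmod`, for example against a per-platform SHA-256 kept next to `BUF_VER` (`BUF_SHA256` is a placeholder name): `@echo "${BUF_SHA256}  ${EXT_BIN_DIR}/buf" | shasum -a 256 -c -`. Separately, `${EXT_BIN_DIR}/buf: install-buf` and `${EXT_BIN_DIR}/svu: install-svu` make file targets depend on `.PHONY` targets, so both tools are re-fetched on every run, and the context lines suggest an earlier `${EXT_BIN_DIR}/buf` rule with its own recipe still exists above the hunk. The `go install ...@v${SVU_VER}` path for svu is covered by Go's module checksum verification by default, so only the buf download lacks an integrity check.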
@@ -10,7 +10,7 @@ option go_package = "github.com/authzen/access/v1;access"; option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { info: { title: "OpenID AuthZen Access Service" - version: "1.0.0-3" + version: "1.0.0-5" contact: { name: "" url: ""
@@ -24,7 +24,7 @@ option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { external_docs: { url: "https://openid.github.io/authzen/" - description: "Authorization API 1.0 - draft 03" + description: "Authorization API 1.0 - draft 05" } schemes: HTTP
@@ -51,7 +51,7 @@ option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { }; service Access { - // evaluation + // evaluation (https://openid.github.io/authzen/#name-access-evaluation-api) rpc Evaluation(EvaluationRequest) returns (EvaluationResponse) { option (google.api.http) = { post: "/access/v1/evaluation"
@@ -66,7 +66,7 @@ service Access { }; } - // evaluations + // evaluations (https://openid.github.io/authzen/#name-access-evaluations-api) rpc Evaluations(EvaluationsRequest) returns (EvaluationsResponse) { option (google.api.http) = { post: "/access/v1/evaluations"
@@ -81,7 +81,7 @@ service Access { }; } - // subject search + // subject search (https://openid.github.io/authzen/#name-subject-search-api) rpc SubjectSearch(SubjectSearchRequest) returns (SubjectSearchResponse) { option (google.api.http) = { post: "/access/v1/search/subject"
@@ -96,7 +96,7 @@ service Access { }; } - // resource search + // resource search (https://openid.github.io/authzen/#name-resource-search-api) rpc ResourceSearch(ResourceSearchRequest) returns (ResourceSearchResponse) { option (google.api.http) = { post: "/access/v1/search/resource"
@@ -111,7 +111,7 @@ service Access { }; } - // action search + // action search (https://openid.github.io/authzen/#name-action-search-api) rpc ActionSearch(ActionSearchRequest) returns (ActionSearchResponse) { option (google.api.http) = { post: "/access/v1/search/action"
@@ -132,7 +132,7 @@ message EvaluationRequest { Subject subject = 1; Action action = 2; Resource resource = 3; - google.protobuf.Struct context = 4; + optional google.protobuf.Struct context = 4; } // https://openid.github.io/authzen/#name-the-access-evaluation-api-re
@@ -146,7 +146,7 @@ message EvaluationsRequest { Subject subject = 1; Action action = 2; Resource resource = 3; - google.protobuf.Struct context = 4; + optional google.protobuf.Struct context = 4; repeated EvaluationRequest evaluations = 5; google.protobuf.Struct options = 6; }
@@ -162,13 +162,13 @@ message SubjectSearchRequest { Action action = 2; Resource resource = 3; google.protobuf.Struct context = 4; - Page page = 5; + PaginationRequest page = 10; } // https://openid.github.io/authzen/#name-the-subject-search-api-resp message SubjectSearchResponse { repeated Subject results = 1; - Page page = 2; + PaginationResponse page = 10; } // https://openid.github.io/authzen/#name-the-resource-search-api-req
@@ -177,13 +177,13 @@ message ResourceSearchRequest { Action action = 2; Resource resource = 3; google.protobuf.Struct context = 4; - Page page = 5; + PaginationRequest page = 10; } // https://openid.github.io/authzen/#name-the-resource-search-api-res message ResourceSearchResponse { repeated Resource results = 1; - Page page = 2; + PaginationResponse page = 10; } // https://openid.github.io/authzen/#name-the-action-search-api-reque
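Review bot: `optional` on `google.protobuf.Struct context = 4;` in the `-132` hunk is redundant, since proto3 message-typed fields already track presence, and it is applied unevenly: `context` in the three search requests and `options` in `EvaluationsRequest` stay unmarked in the later hunks. Either drop the keyword on message fields or apply it to all of them, so readers do not infer a semantic difference between the marked and unmarked ones. The same applies to the `-146` hunk and to the `properties` fields in the `-192` hunk; `EvaluationRequest` starts above this hunk.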
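Review bot: Moving `page` from field 5 (requests) and field 2 (responses) to 10 while changing its type leaves the old numbers free for reuse, and nothing in the `-162` hunk reserves them. A peer built from the previous schema still sends `Page` on 5 or 2; the new code treats it as an unknown field and silently drops the page token, and any later field assigned 5 or 2 would be decoded from those stale bytes. Add `reserved 5;` to `SubjectSearchRequest` and `reserved 2;` to `SubjectSearchResponse`, and likewise to the Resource and Action messages in the `-177` and `-192` hunks. `SubjectSearchRequest` starts above the hunk.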
@@ -192,35 +192,46 @@ message ActionSearchRequest { Action action = 2; Resource resource = 3; google.protobuf.Struct context = 4; - Page page = 5; + PaginationRequest page = 10; } // https://openid.github.io/authzen/#name-the-action-search-api-respo message ActionSearchResponse { repeated Action results = 1; - Page page = 2; + PaginationResponse page = 10; } // https://openid.github.io/authzen/#name-subject message Subject { string type = 1; string id = 2; - google.protobuf.Struct properties = 3; + optional google.protobuf.Struct properties = 3; } // https://openid.github.io/authzen/#name-action message Action { string name = 1; - google.protobuf.Struct properties = 2; + optional google.protobuf.Struct properties = 2; } // https://openid.github.io/authzen/#name-resource message Resource { string type = 1; string id = 2; - google.protobuf.Struct properties = 3; + optional google.protobuf.Struct properties = 3; +} + +// https://openid.github.io/authzen/#name-paginated-requests +message PaginationRequest { + optional string token = 1; + optional int32 limit = 2; + optional google.protobuf.Struct properties = 3; } -message Page { +// https://openid.github.io/authzen/#name-paginated-responses +message PaginationResponse { string next_token = 1; + optional int64 count = 2; + optional int64 total = 3; + optional google.protobuf.Struct properties = 4; }
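Review bot: `PaginationRequest.limit` is a client-supplied signed `int32` and `token` a client-supplied string, yet the new messages carry only a spec link and say nothing about bounds or trust. Without a stated contract each implementation decides on its own what a negative, zero or very large `limit` means, which is how unbounded result sets reach a search handler. I would document the expectation on the fields, e.g. `// limit: requested page size; servers clamp to a configured maximum and reject values < 1` and `// token: opaque value taken from a previous next_token; validate before use`. Whether a token must also be tied to the subject/action/resource of the original query is not visible here and should be confirmed against the linked spec section.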