Must auths for privilege and such still be explicitly listed, or are they now included in solaris.*?

In OpenSolaris and the Solaris-version around that time, the **solaris.grant** auth wasn't included in **solaris.*** and had to be explicitly added. For example, from the definition of the *Primary Administrator*-role:

Primary Administrator:RO::\
Can perform all administrative tasks:\
auths=solaris.*,solaris.grant;\
help=RtPriAdmin.html

**solaris.grant** bestowed the ability to grant any role, auth, profile, etc. to any user. There were also another one (possibly **solaris.delegate**) which only let you bestow other users with privileges equal-or-less to your own. - Was this auth (was it **solaris.delegate** ?) also *not* included included in **solaris.*** , and thus had to be specified separately? Now (newer Solaris versions) **solaris.grant** and the other one have been split into multiple auths to fine-tune which privileges that a user **assign** (meaning any privilege, like *solaris.grant*) or **delegate** (meaning just privilege equal-or-less to the user's own). For example: solaris.auth.assign solaris.auth.delegate solaris.group.assign solaris.group.delegate solaris.privilege.assign solaris.privilege.delegate solaris.profile.assign solaris.profile.delegate solaris.role.assign solaris.role.delegate - Must all/some of these still be *explicitly* assigned (eg. "solaris.\*,solaris.profile.assign") , or are all/some now included in **solaris.*** ?