C2MS11 — Deprecate Archive Message Retrieval Messages

The Archive Message Retrieval Request Message and related Archive Message Retrieval Response Message should be considered for deprecation.

These are useful messages in an engineering environment when all messages and their corresponding storage method allows unfettered access to all consumers regardless of authentication/authorization, but in a real-world operational environment, this construct is much too uncontrolled.

For example, the Archive Message Request allows, and suggests, sending a SQL statement or script expression in the REQ-STRING field, which the service provider would execute on behalf of the requestor, creating an exploitable cyber attack opportunity for malicious software.

Even if the REQ-STRING were removed and the request only allowed for PROD-TYPE/PROD-SUBTYPE (the other way to request the archive), this would allow for all messages that ever flowed in the environment to be forwarded to a single requestor. In an unsecured system, that might make sense, but it is not appropriate in any system that closely controls who is allowed to send/receive any given message.

Deprecate REQ-STRING in Archive Message Retrieval Request

Deprecate the REQ-STRING field in Archive Message Retrieval Request. This mechanism is not secure, allowing a requestor to provide a SQL statement or Script to be executed by the service on their behalf.

Describe the rationale for the change to the reader.

Provide a note that the "longhand" version of the query will continue to be supported.

Note that some fields that were previously "dependent" are now "required" because they were only required when using the "longhand" method (which is now the only methd).

Replace the UML diagram to with the new version that moves the previously dependent fields into the required category and adds the note that the REQ-STRING field is Deprecated. Note that because of other changes going into this same version, the Required and Optional blocks are being redone as well, so the illustrated new version is to show the type of change that is to be made, but will actually be different from this when all is said and done. But this issue is only concerned with the delta that is effected by this issue.