Hi, a question about areas: I recently tried to use areas (nncp 8.10.0, Ubuntu 24.04), and wanted to build something like A / \ B C /  \    /  \ D E F G where A (sender only) sends  messages to an area with members B and C (without knowing about D,E,F,G), and B and C just forward (without reading the message) to  D,E , F, G, where B knows about members D and E, and C knows about F and G. A is sender only,  B,C are keyless forwarders only,  and D,E,F,G are receivers  only and final recipients, thus need to have the secret keys. Only A is origin of messages. I had expected that I have to give A only the public key of the area key set. But I got an error message, that A requires the secret key of the area as well. In constrast, the docs at http://www.nncpgo.org/Multicast.html tell, that B and C as pure fordwarders would not need to have any keys at all to just forward. So my concern is: What does A need the secret key of the are for? Isn't that a security flaw, if A stores encrypted message until transport, but the keys as well? If I understand this correctly, when sending a message to an area on A, the message is first encrypted for the area (where it needs the public key for), but then immediately descrypted again by nncp-toss to redistribute. But: What does A need to decrypt the message for, if forwarders B and C (or, in the example on http://www.nncpgo.org/Multicast.html, node B) don't need any keys at all just to forward a message to known members of the area. Why is sending and forwarding implemented differently? I my eyes, it should be sufficient for node A to just have the public keys of the area to encrypt the message, and then forward it to members just like a keyless forwarder. I do consider it as insecure, if node A, which is solely a sender to the area and not a member, needs to have the secret keys. E.g. on an email relay in a cloud, an attacker who get's access to the machine, can immediately decrypt all messages in the spool directory. So my question is: Why does A require posession of the secret keys? What does it need them for, if forwarding is possible without keys? Best regards Hadmut