Hi, 


a question about areas:


I recently tried to use areas (nncp 8.10.0, Ubuntu 24.04), and wanted to build something like 



        A
    /      \
   B        C
 /  \      /  \
D    E   F      G    


where A (sender only) sends  messages to an area with members B and C (without knowing about D,E,F,G), and B and C just forward (without reading the message) to  D,E , F, G, where B knows about members D and E, and C knows about F and G. 

A is sender only,  B,C are keyless forwarders only,  and D,E,F,G are receivers  only and final recipients, thus need to have the secret keys. Only A is origin of messages. 


I had expected that I have to give A only the public key of the area key set. But I got an error message, that A requires the secret key of the area as well. In constrast, the docs at http://www.nncpgo.org/Multicast.html tell, that B and C as pure fordwarders would not need to have any keys at all to just forward. 

So my concern is: What does A need the secret key of the are for? Isn't that a security flaw, if A stores encrypted message until transport, but the keys as well? If I understand this correctly, when sending a message to an area on A, the message is first encrypted for the area (where it needs the public key for), but then immediately descrypted again by nncp-toss to redistribute. 


But: What does A need to decrypt the message for, if forwarders B and C (or, in the example on http://www.nncpgo.org/Multicast.html, node B) don't need any keys at all just to forward a message to known members of the area. Why is sending and forwarding implemented differently?

I my eyes, it should be sufficient for node A to just have the public keys of the area to encrypt the message, and then forward it to members just like a keyless forwarder. 

I do consider it as insecure, if node A, which is solely a sender to the area and not a member, needs to have the secret keys. E.g. on an email relay in a cloud, an attacker who get's access to the machine, can immediately decrypt all messages in the spool directory. 


So my question is: Why does A require posession of the secret keys? What does it need them for, if forwarding is possible without keys?

Best regards

Hadmut