*** John Goerzen [2021-08-07 16:12]: >I am wanting to set up an area where only one node is authorized to create >packets bound for it There are some quick thoughts, just brainstorming, currently not taking it seriously: what a node can do with incoming area packet? It has only knowledge of area id, sender id, probably its signature verification. * delete it * relay it, then delete (no area's private key) * relay and accept for local delivery, without signature check (unknown sender) * relay and accept for local delivery, with verified signature * relay and deny for local delivery (untrusted sender) I thought that all logic can be moved to separate executable script (shell, Perl, whatever user wish), that will be executed with (for example, just brainstorming) three arguments: area id, sender id, is signature valid. (I think that if sender is known, but has invalid signature -- its packet can be dropped immediately). And that utility will return the "decision". Something like: #!/bin/sh AREA=$1 SENDER=$2 [ "$SENDER" == `hash-of-nncp-neigh alice` ] && return CODE-TO-ACCEPT [ "$SENDER" == `hash-of-nncp-neigh bob` ] && return CODE-TO-RELAY-ONLY [ "$SENDER" == "unknown" ] && return return CODE-TO-DENY-COMPLETELY But there are not so much actions possible, so I tend to think this is unnecessary complication and just several lists can be kept inside NNCP's configuration. "deny/allow-relay: [...]", "deny/allow-process: [...]", and so on. FidoNet did not have moderation as Internet's maillists, where you mail was kept on maillist server until moderator decide what to do with it. FidoNet's moderator warned and asked nodes to look for their points behaviour. Noone can really completely forbid all messages spreading. Usenet, as I understood, had the same issue: everyone can spread his messages and if someone want to blind them, he just setup his own personal "killfile". Moderated Usenet newsgroups has centralized point of moderation, so it is not the floodfill multicasting. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF