@Nicklas-Starkel you're welcome. This behaviour is because we did not want to turn a gw that require signatures useless to nodes that for any reason cannot use signing. It could be that this is changed at some point on the future so that a gw that require signatures does it for all nodes. But for now it doesn't for backwards compatibility. And it is considered that signing first of all is used for data going out to a node. Typically an actuator. And yes, whitelisting can also be added to further strengthen security if you fear nodes could be hijacked. I'm glad the features are being used