@debacle @joergi @xmpp @movim whitelist is at Pubsub level, it is supported yes.
But for this use case (group permissions, i.e. "circles" or "aspects"), it must be at item level, not at node level.
I've implemented this feature "fine tuned access model" a bit less than 15 years ago but never proposed a protoXEP.
Nowadays, this would be better achieved with Pubsub Targeted Encryption (https://xmpp.org/extensions/xep-0477.html). This way, only targeted people can see the content.