Using a mixture of authentication-required and unauthenticated IMSIs

Hello Osmocom community, A question: is it possible to configure OsmoMSC+OsmoHLR such that authentication is required for those IMSIs for which key material records are present in HLR subscriber db, yet allow unauthenticated access for certain other IMSIs (specific ones, *not* accept-all) that are entered into HLR subscriber db without keys? My use case: I generally operate my network with SIMs of my own issue, and I wish to continue enforcing authentication (and using ciphering) for all Themyscira SIMs. However, I would like to play with some old phone models which cannot be found unlocked - only operator-locked units can be found on ebay - and some of those historical operator- locked phones come with SIM cards in them, issued by historical operators who have bit the dust ages ago. It would be really nice if I could add the IMSIs of those defunct-operator SIMs to my HLR subscriber db and allow them to connect - which would have to be unauthenticated, as I don't know their Ki or even their A38 algorithm version - but do so _without_ dropping the authentication requirement for my own Themyscira IMSIs. Is what I seek possible with current OsmoMSC and OsmoHLR? And if it isn't possible with current code, any ideas as to what would be the right way to implement such a feature? TIA, Mychaela