Motivated by the study of multi-source multi-terminal key-dissemination, here called ``key-cast,'' the work at hand presents a combinatorial characterization of when positive-rate secure multicast network coding with eavesdropping nodes is possible. In key-cast, introduced by the authors in [ITW2022], network nodes hold independent random bits, and one seeks a communication scheme that allows all terminal nodes to share a secret key K. We here address positive (albeit, arbitrarily small) rate key-cast under the security requirement that no single non-terminal network node can gain information on the shared key K; this scenario is useful in cryptographic settings. The work at hand studies key-dissemination protocols based on secure network coding and presents a combinatorial characterization of networks that support positive-rate multicast resilient to eavesdroppers that control individual network nodes. The secure-multicast capacity solution in the same setting is a known open problem.