Firewall Wizards mailing list archives

Re: Ramifications from increasing IPsec SA or rekey times?

From: "J. Oquendo" <sil () infiltrated net>
Date: Fri, 19 Oct 2007 12:00:18 -0400

Christopher J. Wargaski wrote:

Folks--

   I am investigating what the ramifications are for increasing the SA
life or rekey time on an IPsec VPN. Certainly the longer the same SA
stays around, the longer the Wiley Wacker has to break my key.

   Does anyone know of some documents suggesting vulnerabilities from
or ramifications of increasing the SA lifetime or rekey time?
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Mainly performance issues
http://w3.antd.nist.gov/pubs/perf-vpns-ikev1.pdf

-- 
====================================================
J. Oquendo

SGFA (FW+VPN v4.1)
SGFE (FW+VPN v4.1)

"I hear much of people's calling out to punish the
guilty, but very few are concerned to clear the
innocent." Daniel Defoe

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Ramifications from increasing IPsec SA or rekey times? Christopher J. Wargaski (Oct 19)
- Re: Ramifications from increasing IPsec SA or rekey times? J. Oquendo (Oct 19)