Re: [fw-wiz] Ramifications from increasing IPsec SA or rekey times?
- From: "J. Oquendo" <sil@xxxxxxxxxxxxxxx>
- Date: Fri, 19 Oct 2007 12:00:18 -0400
Christopher J. Wargaski wrote:
Folks--
I am investigating what the ramifications are for increasing the SA
life or rekey time on an IPsec VPN. Certainly the longer the same SA
stays around, the longer the Wiley Wacker has to break my key.
Does anyone know of some documents suggesting vulnerabilities from
or ramifications of increasing the SA lifetime or rekey time?
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Mainly performance issues
http://w3.antd.nist.gov/pubs/perf-vpns-ikev1.pdf
--
====================================================
J. Oquendo
SGFA (FW+VPN v4.1)
SGFE (FW+VPN v4.1)
"I hear much of people's calling out to punish the
guilty, but very few are concerned to clear the
innocent." Daniel Defoe
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Ramifications from increasing IPsec SA or rekey times?
- From: Christopher J. Wargaski
- [fw-wiz] Ramifications from increasing IPsec SA or rekey times?
- Prev by Date: [fw-wiz] Ramifications from increasing IPsec SA or rekey times?
- Next by Date: Re: [fw-wiz] firewall-wizards Digest, Vol 18, Issue 10
- Previous by thread: [fw-wiz] Ramifications from increasing IPsec SA or rekey times?
- Next by thread: Re: [fw-wiz] firewall-wizards Digest, Vol 18, Issue 10
- Index(es):
Relevant Pages
|
|
