I am investigating what the ramifications are for increasing the SA
life or rekey time on an IPsec VPN. Certainly the longer the same SA
stays around, the longer the Wiley Wacker has to break my key.

Does anyone know of some documents suggesting vulnerabilities from
or ramifications of increasing the SA lifetime or rekey time?
firewall-wizards mailing list