Even though session keys are quite small, large scale bots might want these to be cleared out. If an expiration duration is specified, Stealth should purge sessions that are as old (or older) than the specified duration.

If a key is accessed, the TTL should be reset. This ensures active sessions are not purged.