Interview with Kenny Paterson, Professor of Information Security at Royal Holloway, University of Lo
In late 2004, Arnold Yau (a PhD student in the group) and I began an investigation into IPsec security, in particular the security of the "encryption only" configuration of IPsec. The relevant standards are pretty clear that this configuration should be avoided, but they also mandate it be supported, mostly for reasons of backwards compatibility.
The link for this article located at Net-Security.com is no longer available.