I got some bounces today from Nationwide (no doubt spam backscatter), but the interesting thing about them was that they were PGP signed. Some digging reveals that Nationwide seem to sign their outgoing mail, which is nice to see. Further digging fails to find any nationwide.co.uk keys on pgp.net, keyserver.net or pgp.com. Well that's useful, isn't it? They're not the only people who do this - I regularly see posts to mailing lists that are signed but the key isn't available. Why bother signing mails if your public key isn't out there? It doesn't really give the impression you understand why you're signing things.