SSL supports several anonymous cipher suites such as TLS_DH_anon_WITH_AES_256_GCM_SHA384. When these are used, no authentication is performed and no certificates are exchanged. This means that if they are used, you are at risk of MitM attacks.
Previously, I have only seen these enabled when someone has enabled every single cipher suite by mistake. Today, I noticed that Nationwide online banking has a single anonymous cipher suite enabled.
This leads me to believe it was added deliberately, rather than accidentally.
What are the use cases for anonymous cipher suites on a website?
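Added example, not part of the original question: a small audit helper that takes the cipher suite names reported for a server and flags the ones that perform no server authentication, such as the `TLS_DH_anon_WITH_AES_256_GCM_SHA384` suite mentioned above. The function names and the sample scan list are assumptions constructed for illustration; it goes slightly beyond the question by also recognising the OpenSSL spellings (`ADH-`, `AECDH-`) of the same suites.

```python
import re

# IANA form: TLS_<kx>[_<auth>][_EXPORT]_WITH_<cipher>_<mac>
IANA = re.compile(r"^(?:TLS|SSL)_(?P<kx>\w+?)_WITH_(?P<enc>\w+)$")
# OpenSSL spells the anonymous key exchanges as ADH- and AECDH- prefixes.
OPENSSL_ANON = re.compile(r"^(?:ADH|AECDH)-")


def server_auth(name):
    """Return how the suite authenticates the server: an algorithm name,
    'anon' or 'NULL' for none, or None when the name does not encode it
    (TLS 1.3 names and other OpenSSL-style names)."""
    if OPENSSL_ANON.match(name):
        return "anon"
    m = IANA.match(name)
    if m is None:
        return None
    parts = [p for p in m.group("kx").split("_") if p != "EXPORT"]
    # A single token such as "RSA" means key exchange and authentication
    # both rely on the same certificate key.
    return parts[1] if len(parts) > 1 else parts[0]


def audit(enabled):
    """Return the suites in `enabled` that perform no server authentication."""
    return [s for s in enabled if server_auth(s) in ("anon", "NULL")]


# Constructed sample: a scan result mixing IANA and OpenSSL names.
SAMPLE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
    "TLS_AES_128_GCM_SHA256",
    "AECDH-AES128-SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "ADH-AES256-GCM-SHA384",
]

if __name__ == "__main__":
    for suite in audit(SAMPLE):
        print("no server authentication:", suite)
```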