We recently had a situation where a client needed some information that was sent to him by email via a form on his website. The webpage with the form on it was connected to the server via a SSL connection–you know, where the URL starts with https://. However, that only secures the data from the browser to the server. As it sits on the mail server waiting to be downloaded by the client, and as it is being downloaded, it is not secure because the data has not been encrypted. After much research we found that Herbert Hanewinkel has created a neat little scripted application that will encrypt form data right in the senders browser (128bit encryption), so the data is encrypted from its creation to the receivers computer, where it can be decrypted. You can view and download the scripts for free at www.hanewin.net/encrypt/. You will also need to install GnuPG on the receiver’s computer to create the public key for the form and to decrypt any messages sent. We found this to be a simple, safe, and elegant solution.