- ksupportAsked on May 12, 2016 at 06:01 PM
Speaking of CSV... I want a CSV which your system can't handle for some reason. Just spit out a fully encrypted file that I can use openssl and my private key to decrypt! Better yet, send me a email with the encrypted data. I can then parse the data using my private key.
Why do you send my data over the internet in the clear but can't handle CSV and reports. Sending me an email that isn't encrypted is NOT SECURE!
Why not encrypt my email using my public key using s/mime or similar technology?
After uploading my private key and viewing the submission the matrix widget doesn't decrypt. Why?
- JotForm SupportdavidAnswered on May 12, 2016 at 06:12 PM
Here is a brief rundown on form Encryption:
It should be noted that setting up a form as encrypted comes at the cost of some convenience.
• Notifications will only alert the user that a submission was received- they won’t include the content of the response. (That’s the whole point! The info isn’t legible from our servers.)
• Users must log into JotForm and also need to enter their private key in order to view their form responses,
• If you lose the private encryption key, your data is gone. We can’t reset it in a such a way as to recover previously encrypted responses.
• Some of the features are not available: PDF Downloads, Reports, Emails that contain form data in them.
- ksupportAnswered on May 12, 2016 at 06:26 PM
I understand all about SSL and encryption. Jotform will send an email to me over the internet which isn't secure. Open of submission and click forward and email appears! not secure.
Since you are not storing my data on your servers in clear text that is a security problem. If your not mining my data, why not encrypt on your servers?
Since you have my public key, why can't your system email me the fully encrypted data?
- JotForm SupportdavidAnswered on May 12, 2016 at 06:29 PM
I believe I responded to a similar question in your original thread: