DEV Community

Discussion on: Encrypted Contact Form in Vue

anthonygore profile image
Anthony Gore

Is this needed if your site uses SSL?

debpu06 profile image
David Boland Author • Edited on

If you use SSL the connection will be encrypted. One potential risk I mentioned in the future improvements section is that if you could provide a good way of verifying the public key, you could prevent man in the middle attacks. SSL can still be vulnerable to that, so this could potentially be an improvement there.

Another nice feature of this is that the message can stay encrypted at its end destination. In this example, the form sends the message to an inbox. So even if the inbox is compromised, the attacker still wouldn't be able to read the message.

To your question though, do you need this? Probably not. Users don't usually submit the type of sensitive data required for this level of security in a site contact form. But if it ever was required, I thought this would be an interesting method of trying to implement a higher level of security.