I appears to me that your question is not so much as to how to handle the conversion but how to present your product or service to your users. In this sense, I think you need to really ask yourself, "What is the goal of my file conversion service?"

First, if you are not going to be providing this service for classified documentation then you don't really need to worry about what the end user thinks the security of their files are. Like you stated, we all know that transmission over http is insecure. So, maybe you need to look at developing a terms of service agreement that will release you of any liabilites including copyright and patent rights that the end user may claim to have for using your service. In this sense then you can worry about the disk space problems and clean up yourself that a simple cron job or perl script can solve.

However, if you are going to offer a corporate level solution then a free iDisk idea is perhaps the best idea. But dont try to make your users feel safe. Use the appropiate security measures such as secure http and ssl.

This decision lies in your hands. "Keep it simple. Enlightenment will come to you as long as your motivation is true."

Good Hunting,
kha0z