Letters to the Editor

Decrypting PKI

Christopher Yukins and Timothy Carnahan should read the primer on public-key infrastructure a little closer. Their article "DOD PKI plan raises liability, relevance issues" [FCW, Oct. 5] contains a glaring error on how a "dual key" system works. They should have written that the sender of a message encrypts the message using the recipient's public key, not a private key. The recipient decrypts the message with his private key.

They may be confusing encryption with signature. A document is signed with the sender's private key and verified with his public key.

Dean CoclinGTE CyberTrust

Christopher Yukins responds: Mr. Coclin is absolutely right that the process we referred to is a "digital signature." But that term is critical, because the digital signature includes a hash function that incorporates the message and the identity of the sender. A normal commercial document sent electronically generally does not need to be encrypted as long as the "signature" ensures that there has been no tampering with the document.

As Mr. Coclin points out, the digital signature is created using the sender's private key, and then verified using the sender's public key.

We simplified the explanation, combining the terms message and signature, to make the process understandable. We felt it is much easier for a reader to understand encryption using a private key and decryption using a publicly available key.

For more information on how the encryption process works, we refer readers to review the American Bar Association Digital Signature Guidelines at www.abanet.org/scitech/ec/isc/dsg.html.


Reform root of protest decline

I always enjoy Carl Peckinpaugh's column commenting on various aspects of contracting law. But in his column "What factors are behind the decline in bid protests?" [FCW, Sept. 14], I think he misses the mark, and I wish to offer an alternate interpretation.

Carl takes the approach that acquisition reform has had little influence on the reduction in protests. Carl wrote, "Interestingly, the real revolution [in the reduction of protests] is almost completely unrelated to procurement reform efforts."

I say au contraire. The decline in bid protests is directly related to the four acquisition reform laws: the Government Performance and Results Act, the Federal Acquisition Streamlining Act, the Federal Acquisition Reform Act and the Information Technology Management Reform Act. Two outcomes of those laws are responsible for the decline in bid protests. The first is the demise of the General Services Administration's Board of Contract Appeals (GSBCA), and the second is the increase in discretion given to contracting officers.

The General Accounting Office is not as protester-friendly. The "win rate" for protesters at GSBCA was about 40 percent (either sustained or settled out), and the "win rate" at GAO is about 4 percent, according to a study several years ago by Federal Sources Inc. The government has the upper hand, and contractors know it. Lack of results produces fewer protests.

Even if vendors win, they receive a toothless remedy. I offer as evidence the recent case of ADF v. NASA (GAO case B-278896). The apparent winner was found by the GAO to have violated several regulations, including misrepresentation in its offer. "Protester's contention that the awardee misrepresented the availability of its key personnel is sustained."

However, GAO ruled not to give the vendor remedy. "[W]e do not believe it would be appropriate to recommend a re-evaluation or that [the awardee's] contract be terminated. Instead, we recommend that ADF be reimbursed for the cost of preparing its proposal." With this sort of result, why would any contractor pay an attorney to bring a case to GAO?

My second contention is that the increased discretion given to the contracting officer has given rise to many governmentwide area contracts/indefinite-delivery, indefinite-quantity contracts being awarded. Peckinpaugh cites the increase of IDIQ contracts as a reason for the reduction in protests. However, without acquisition reform, contracting officers would not have the discretion to make these decisions on IDIQs. One of the major features of the new IDIQ vehicles is a "no protest" clause, in which each winning vendor gives up the right to protest the methodology of issuing task orders.

If the four laws that make up acquisition reform are removed, we would return to the procurement scenarios of the late 1980s and more protests.

Patrick CollinsGovernment Marketing ManagerRecom Technologies Inc.Roseville, Calif.


  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected