DETAILED ACTION
A response was received on 10 November 2025. By this response, Claims 15-20 have been canceled and new Claims 21-26 have been added. No claims have been amended. Claims 1-14 and 21-26 are currently pending in the present application.
Election/Restrictions
Invention I has constructively been elected by Applicant’s cancellation of Claims 15-20 directed to Invention II. See MPEP § 818.02(c).
Drawings
Figure 7 should be designated by a legend such as --Prior Art-- because only that which is old is illustrated. See MPEP § 608.02(g). Corrected drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. The replacement sheet(s) should be labeled “Replacement Sheet” in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
The drawings are objected to because they include informalities. In particular, decision block 306A in Figure 3A, decision block 304B in Figure 3B, decision block 304C in Figure 3C, and decision blocks 508A, 512A, 514A, and 518A in Figure 5A are not clear as to what decisions are actually being made at these points of the flowcharts. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The abstract of the disclosure is objected to because it includes legal phraseology of the type often used in patent claims (e.g. “wherein”) which is to be avoided in the abstract. Further, the abstract includes informalities such as minor grammatical errors. In particular, in line 3, a comma should be inserted after “A first computing device”. In line 6, the verb “writes” does not clearly follow “configured to” and is not properly in infinitive form. In line 7, it appears that a conjunction (e.g. “and” or “or”) should be inserted between writing the LKMS public key and writing the public key of the second computing device. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b).
The disclosure is objected to because of the following informalities:
The specification does not include a brief summary of the invention as per 37 CFR 1.73. See also MPEP § 608.01(d). If a summary was intentionally omitted, Applicant is requested to make a statement on the record confirming this omission.
Appropriate correction is required. The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Objections
Claims 1, 11, and 23 are objected to because of the following informalities:
In Claim 1, line 7, the initialism “LKMS” should be written out in full the first time it appears.
In Claim 11, line 2, it appears that “an KMS public key” should be replaced with “a KMS public key”.
In Claim 23, line 2, it appears that “an KMS public key” should be replaced with “a KMS public key”.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-14 and 21-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “the computing device” in line 6. It is not clear whether this is intended to refer to the first computing device recited in line 2 or the second computing device. The claim further recites a “remote KMS” in line 5 and an “LKMS” in line 7. It is not clear what these are remote or local to. The above ambiguities render the claim indefinite.
Claim 2 recites “the KMS” in lines 1 and 2. It is not clear whether this is intended to refer to the remote KMS, local KMS, or the KMS of Claim 1, line 3, if that is distinct. Claim 2 further recites “a command” in line 2. It is not clear whether this is intended to refer to the first or second command or a distinct command.
Claim 3 recites “the computing device” in line 1. It is not clear to which of the two computing devices this is intended to refer. The claim further recites “a digital signature” but does not define what the signature is on or of (or applied to).
Claim 4 recites “the computing device replaces the public key” in lines 1-2. First, it is not clear to which of the two computing devices this is intended to refer. Further, it is not clear how the system would include a step of replacing as recited. The claim additionally recites “the KMS” in line 2. It is not clear whether this is intended to refer to the remote KMS, local KMS, or the KMS of Claim 1, line 3, if that is distinct.
Claim 5 recites “the computing device” in line 3. It is not clear to which of the two computing devices this is intended to refer.
Claim 6 recites “the computing device” in line 1. It is not clear to which of the two computing devices this is intended to refer. The claim further recites “a digital signature” in line 2 but does not define what the signature is on or of (or applied to). The claim additionally recites “the KMS” in line 2. It is not clear whether this is intended to refer to the remote KMS, local KMS, or the KMS of Claim 1, line 3, if that is distinct.
Claim 7 recites “the computing device” in line 1. It is not clear to which of the two computing devices this is intended to refer.
Claim 8 recites “wherein the second computing device is configured to receive the nonce and generate the digital signature…” in lines 1-2. However, because the second computing device is not clearly recited as an element of the claimed system, it is not clear how this portion of the claim is intended to limit the claimed system. The claim further recites “the computing device” in line 5. It is not clear to which of the two computing devices this is intended to refer.
Claim 9 recites “a local key management server” in lines 2-3. It is not clear what this is local to. The claim further recites “the computing device” in lines 5 and 7. However, it is not clear whether this is intended to refer to the first computing device recited in line 2 or the second computing device. The above ambiguities render the claim indefinite.
Claim 11 recites “validating the second signed command” in lines 1-2 and “and replacing the KMS public key with the first public key” in lines 2-3. First, it is not clear which device or element performs these steps. Further, it is not clear what the phrase “and replacing…” is intended to modify or be coordinated with; that is, it is not clear whether the replacing is part of the validating or if it is an additional step.
Claim 13 recites steps of “generating a nonce and transmitting the nonce” and “initiating a connection to the second computing device”. It is not clear which device or element performs these steps.
Claim 14 recites “receiving a response” in line 1. It is not clear where this is received nor is it clear from where it is received. The claim additionally recites “and validating” in line 2. It is not grammatically clear what this is intended to modify or be coordinated with, e.g. if it is another further step of the method. Further, it is not clear which device or element performs this step. The claim also recites “before initiating a connection” in line 3. First, it is not clear which device or element performs this step, and further, it is not clear whether “a connection” is intended to refer to the same connection as Claim 13 or a distinct connection.
Claim 21 recites “a computing device” in line 4. It is not clear whether the claimed processor is intended to be part of this computing device. The claim additionally recites “a local key management server” in lines 4-5. It is not clear what this is local to. The claim further recites “the computing device” in lines 7 and 9. However, it is not clear whether this is intended to refer to the first computing device recited in line 4 or the second computing device. The above ambiguities render the claim indefinite.
Claim 23 recites “and replacing the KMS public key with the first public key” in lines 3-4. It is not clear what this phrase is intended to modify or be coordinated with; that is, it is not clear whether the replacing is part of the validating or if it is an additional step.
Claim 25 recites “initiating a connection to the second computing device”. It is not clear which other device is to be connected to the second computing device.
Claim 26 recites “receiving a response” in line 2. It is not clear where this is received nor is it clear from where it is received. The claim additionally recites “and validating” in line 3. It is not grammatically clear what this is intended to modify or be coordinated with, e.g. if it is another further step. Further, it is not clear which device or element performs this step. The claim also recites “before initiating a connection” in line 3. First, it is not clear which device or element performs this step, and further, it is not clear whether “a connection” is intended to refer to the same connection as Claim 25 or a distinct connection.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-14 and 21-26 are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al, US Patent 10020939, in view of Gueron et al, US Patent 11184157.
In reference to Claim 1, Lee discloses a system that includes a first computing device and a key management server (see Figure 3, device 300 and KMS 320) where the KMS is configured to write a public key to the first computing device using a first command and write a public key of a second computing device using a second command (see column 9, lines 35-48, key substituted; see also column 10, lines 38-48, new public key encrypted). However, Lee does not explicitly disclose that the commands are signed.
Gueron discloses a system configured to write a public key using a signed command and replace the public key with a signed command from a local KMS (see Figure 4 and column 5, line 50-column 6, line 23, update signed by public key, noting also step 414, new public key acquired). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Gueron to include signing the update commands, in order to allow verification or validation of the update/command (see Gueron, column 5, lines 40-49, for example).
In reference to Claims 2-4, Lee and Gueron further disclose requesting and receiving a command and validating a digital signature, where the public key is replaced if the signature is valid (see Lee, column 9, lines 35-48, key substituted; see also column 10, lines 38-48, new public key encrypted; see also Gueron, steps 408-410, update received and verified, steps 412-414, update applied and new public key acquired).
In reference to Claims 5 and 6, Lee and Gueron further disclose receiving the public key of the second device and confirming an identity of the second device, where the signature on the second command is validated using a public key (see Lee, column 10, lines 38-48, new public key encrypted; see also Gueron, steps 408-410, update received and verified, and column 12, lines 34-42, user identity verified).
In reference to Claims 7 and 8, Lee and Gueron further disclose transmitting and receiving a nonce and signing the nonce and an identifier to allow validation of the digital signature (see Gueron, column 17, lines 14-42, noting particularly lines 17-21, nonce included in signature).
Claims 9-14 are directed to methods corresponding substantially to the functions of the systems of Claims 1, 3, 4, and 6-8, and are rejected by a similar rationale, mutatis mutandis.
Claims 21-26 are directed to software implementations of the methods of Claims 9-14, and are rejected by a similar rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Egorov et al, US Patent 10691817, discloses a process that replaces a public key in a local key management system.
Ying et al, US Patent 10833874, discloses a method that includes updating public key maintenance information for multiple terminals and servers.
Han et al, US Patent 11411719, discloses a system using a key management service that replaces and manages a public private key pair.
Ogura et al, US Patent 11516021, discloses an apparatus that includes a unit that updates a public key certificate using a private key of a management server.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia, can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Zachary A. Davis/Primary Examiner, Art Unit 2492