DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Applicant's amendments filed on 01/21/2026 have been received and entered. Currently, Claims 1-20 are pending.
Response to Arguments
Applicant’s arguments have been considered but are moot in view of the new ground(s) of rejection.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 3 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 3 recites the limitation "the second request". There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4, 8, 10-11, 15-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Zilbershtein et al. US 2022/0417241 (hereinafter Zilbershtein), in view of Le Saint et al. US 2018/0198606 (hereinafter Le Saint).
As per claim 1, Zilbershtein teaches a computer-implemented method for message encryption between a hypertext transfer protocol (HTTP) server and a client device, comprising: generating, by the client device, a demonstration of proof-of-possession comprising a signature of a first public key of a first keypair associated with the HTTP server, wherein the HTTP server has a first private key of the first keypair (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane);
transmitting, to the HTTP server, a request comprising the demonstration of proof-of-possession of the client device (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane);
receiving a response from the HTTP server based at least in part on transmitting the request (Zilbershtein paragraph [0083], client receives response from control plane which includes authorization token).
Zilbershtein does not explicitly disclose response comprising an indication that one or more sections of the response are encrypted using a second public key of a second keypair of client device, wherein one or more other sections of the response are unencrypted;
decrypting, based at least in part on the response comprising the indication, the response using a second private key of the second keypair of the client device.
Le Saint teaches response comprising an indication that one or more sections of the response are encrypted using a second public key of a second keypair of client device, wherein one or more other sections of the response are unencrypted (Le Saint Fig. 9, paragraph [0116], [0160], message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data);
decrypting, based at least in part on the response comprising the indication, the response using a second private key of the second keypair of the client device (Le Saint paragraph [0126]-[0127], determine that a client private key is needed to decrypt the ciphertext of the message. Decrypt the ciphertext using the client private key).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Zilbershtein of communications between the client and the control plane with the teachings of Le Saint to include encrypting and decrypting communications between a client and a server in order to provide secure encrypted communications between the client and the control plane.
As per claim 2, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 1, further comprising: encrypting one or more second sections of a second response to the response using the first public key of the first keypair associated with the HTTP server; and transmitting the second response to the response, wherein the second response comprises a second indication that one or more second sections of the second response are encrypted using the first public key of the first keypair associated with the HTTP server (Zilbershtein paragraph [0087], client sends a request, including the authorization token, to the control plane; Le Saint Fig. 9, paragraph [0084], [0143], [0158], secure communications of messages between client and server is based on encrypting and decrypting using client’s and server’s public and private keys. Client encrypts data in the message using server public key. The message includes data that indicates that the message includes encrypted data).
As per claim 3, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 2, further comprising: updating a content type of the second request to include the second indication based at least in part on generating the demonstration of proof-of-possession (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane; Le Saint Fig. 9, paragraph [0084], [0143], [0158], secure communications of messages between client and server is based on encrypting and decrypting using client’s and server’s public and private keys. Client encrypts data in the message using server public key. The message includes data that indicates that the message includes encrypted data).
As per claim 4, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 1, further comprising: encrypting one or more second sections of the request using the first public key of the first keypair associated with the HTTP server, wherein the encrypting comprises encrypting a body of the request, one or more headers of the request, or both using the first public key (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane; Le Saint Fig. 9, paragraph [0084], [0143], [0158], secure communications of messages between client and server is based on encrypting and decrypting using client’s and server’s public and private keys. Client encrypts data in the message using server public key. The message includes data that indicates that the message includes encrypted data).
As per claim 8, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 1, wherein receiving the response comprises: receiving the response from the HTTP server based at least in part on a validation of the demonstration of proof-of-possession via the first private key of the first keypair of the HTTP server (Zilbershtein paragraph [0082]-[0083], validating the client request; Le Saint Fig. 9, paragraph [0102], [0116], [0160], decrypt client request using client public key. Response message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
As per claim 10, Zilbershtein teaches a computer-implemented method for message encryption between a hypertext transfer protocol (HTTP) server and a client device, comprising: receiving, from the client device, a request comprising a demonstration of proof-of-possession of the client device signed using a first public key of a first keypair associated with the HTTP server, wherein the HTTP server has a first private key of the first keypair (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane);
transmitting, to the client device, the response based at least in part on receiving the request comprising the demonstration of proof-of-possession (Zilbershtein paragraph [0083], client receives response from control plane which includes authorization token).
Zilbershtein does not explicitly disclose updating a content type of a response to include an indication that one or more sections of the response are encrypted using a second public key of a second keypair associated with client device having a second private key of the second keypair based at least in part on receiving request, wherein one or more other sections of the response are unencrypted;
encrypting, in accordance with the indication, the one or more sections of the response using the second public key of the second keypair associated with the client device.
Le Saint teaches updating a content type of a response to include an indication that one or more sections of the response are encrypted using a second public key of a second keypair associated with client device having a second private key of the second keypair based at least in part on receiving request, wherein one or more other sections of the response are unencrypted (Le Saint Fig. 9, paragraph [0102], [0116], [0160], receive a request message from client. Generate message which includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data);
encrypting, in accordance with the indication, the one or more sections of the response using the second public key of the second keypair associated with the client device (Le Saint Fig. 9, paragraph [0116], [0160], message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Zilbershtein of communications between the client and the control plane with the teachings of Le Saint to include encrypting and decrypting communications between a client and a server in order to provide secure encrypted communications between the client and the control plane.
As per claim 11, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 10, wherein encrypting the one or more sections comprises: encrypting a body of the response, one or more headers of the response, or both using the second public key (Zilbershtein paragraph [0083], client receives response from control plane which includes authorization token; Le Saint Fig. 9, paragraph [0116], [0160], message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
As per claim 15, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 10, further comprising: validating the demonstration of proof-of-possession using the first private key of the first keypair of the HTTP server, wherein transmitting the response is based at least in part on validating the demonstration of proof-of-possession (Zilbershtein paragraph [0082]-[0083], validating the client request; Le Saint Fig. 9, paragraph [0102], [0116], [0160], decrypt client request using client public key. Response message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
As per claim 16, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 10, further comprising: decrypting, based at least in part on the request including a second indication that one or more second sections of the request are encrypted using the first public key of the first keypair associated with the HTTP server, the one or more second sections of the request using the first private key of the first keypair of the HTTP server, wherein transmitting the response is based at least in part on decrypting the one or more second sections of the request (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane; Le Saint Fig. 9, paragraph [0097], [0100], [0102], [0116], [0158], [0160], determine server private key needed to decrypt the ciphertext of the request. Decrypt request using server private key. Response message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
As per claim 17, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 10, wherein encrypting the one or more sections is based at least in part on a second indication of the request, an encryption of the request, or both (Zilbershtein paragraph [0034], [0067], [0081], client generates and sends request, which includes a signed client assertion and a proof token, to control plane. Paragraph [0083], client receives response from control plane which includes authorization token; Le Saint Fig. 9, paragraph [0116], [0160], message includes a clear text portion and a ciphertext portion. Encrypt data using the client public key to obtain the ciphertext. The message includes data that indicates that the message includes encrypted data).
As per claims 19-20, the claims claim an apparatus essentially corresponding to the method claims 1-2 above, and they are rejected, at least for the same reasons.
Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Zilbershtein in view of Le Saint, and further in view of Kim et al. US 2023/0155990 (hereinafter Kim).
As per claim 9, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 1.
Zilbershtein in view of Le Saint does not explicitly disclose wherein one or more sections of message are indicated as encrypted via an extension or value included in content of the message preceding the one or more sections.
Kim teaches wherein one or more sections of message are indicated as encrypted via an extension or value included in content of the message preceding the one or more sections (Kim paragraph [0117], message header includes indication that the message is encrypted).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Zilbershtein in view of Le Saint of encrypted communications between a client and the control plane with the teachings of Kim to include a message header including indication that the message is encrypted because the results would have been predictable and resulted in an indication in a specific field of the message header that the message is encrypted.
As per claim 18, Zilbershtein in view of Le Saint teaches the computer-implemented method of claim 10.
Zilbershtein in view of Le Saint does not explicitly disclose wherein one or more sections of message are indicated as encrypted via an extension or value included in content of the message preceding the one or more sections.
Kim teaches wherein one or more sections of message are indicated as encrypted via an extension or value included in content of the message preceding the one or more sections (Kim paragraph [0117], message header includes indication that the message is encrypted).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Zilbershtein in view of Le Saint of encrypted communications between a client and the control plane with the teachings of Kim to include a message header including indication that the message is encrypted because the results would have been predictable and resulted in an indication in a specific field of the message header that the message is encrypted.
Allowable Subject Matter
Claims 5-7 and 12-14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959. The examiner can normally be reached M-F 9am - 5pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr, can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HENRY TSANG/ Primary Examiner, Art Unit 2495