Prosecution Insights
Last updated: July 17, 2026
Application No. 19/198,959

METHOD OF OPERATING A PUBLIC KEY CERTIFICATE VALIDATION SYSTEM FOR FACILITATING A SECURE COMMUNICATION BETWEEN AN AIRCRAFT AND A GROUND ENTITY

Non-Final OA §103
Filed
May 05, 2025
Priority
May 07, 2024 — EU 24174490.3
Examiner
CHIANG, JASON
Art Unit
2431
Tech Center
2400 — Computer Networks
Assignee
Arinc Incorporated
OA Round
1 (Non-Final)
83%
Grant Probability
Favorable
1-2
OA Rounds
1y 4m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 83% — above average
83%
Career Allowance Rate
458 granted / 551 resolved
+25.1% vs TC avg
Strong +28% interview lift
Without
With
+28.5%
Interview Lift
resolved cases with interview
Typical timeline
2y 6m
Avg Prosecution
14 currently pending
Career history
566
Total Applications
across all art units

Statute-Specific Performance

§101
1.8%
-38.2% vs TC avg
§103
91.4%
+51.4% vs TC avg
§102
4.0%
-36.0% vs TC avg
§112
0.7%
-39.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 551 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This action is in response to the communication filed on 05/05/2025. Claims 1-20 are under examination. The Information Disclosure Statements filed on 05/05/2025 has been entered and considered. Allowable Subject Matter Claim 15 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3-8, 12, 14 and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Graniano et al. (US 10,951,418 B1) and Nadalin et al. (US 2005/0278534 A1). Regarding claim 1, Graniano et al. discloses A method of operating a public key certificate validation system for facilitating a secure communication between an aircraft and a ground entity [abs, “Systems and methods of managing enrollment of digital identities (e.g., for aeronautical communication) can involve a line-replaceable unit (LRU) in an aircraft establishing a digital identity with a ground-based server by requesting a public certificate from the ground-based server”], the method comprising: sending a public key certificate of the ground entity from the ground entity to a trusted responder [col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”]; at the trusted responder, validating the public key certificate of the ground entity and storing a trust indication regarding the public key certificate of the ground entity in a validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; the validation request associated with the secure communication between the aircraft and the ground entity, wherein the validation response is based on the trust indication regarding the public key certificate of the ground entity stored in the validation database [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Graniano et al. does not explicitly disclose storing in a pre-cached validation database, and at the trusted responder, maintaining the pre-cached validation database for providing a validation response regarding the public key certificate of the ground entity when a validation request reaches the trusted responder. However, Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database], and at the trusted responder, maintaining the pre-cached validation database for providing a validation response regarding the public key certificate of the ground entity when a validation request reaches the trusted responder, wherein the validation response is based on the trust indication regarding the public key certificate of the ground entity stored in the pre-cached validation database [par. 0058, “the certificate validation service looks up the target certificate within validated certificate information cache 420 using information from the target certificate and obtains a reference or link to the appropriate certificate chain in validated certificate chain cache 422, which would have been associated with or related to the previously cached information for the target certificate in validated certificate information cache 420 during the processing of a previous certificate validation request. Since certain certificate validation-related tasks have already been performed on the cached certificate chain information during the processing of a previous certificate validation request, e.g., the verification of digital signatures on the certificates, significant savings in processing time can be obtained with the use of the certificate validation service”, par. 0059, the certificate validation service generates a validation response message with a positive status indication (step 612) and returns the validation response message to the client]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 3, the rejection of claim 1 is incorporated. Nadalin et al. further discloses validating of the public key certificate of the ground entity comprises evaluating all legs of a public key infrastructure (PKI) path between the public key certificate of the ground entity and a trusted root node [par. 0061, “as the certificate validation service verifies certificates within a certificate chain, chaining information about certificates may be cached within validated certificate chain cache 422 while copies of the validated certificates are stored within certificate repository 424… it is possible that a certificate chain would be validated from a root certificate up to, but not including, the invalid certificate, and this portion of the certificate chain could be cached, e.g., within validated certificate chain cache 422”, par. 0045, PKI]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 4, the rejection of claim 3 is incorporated. Nadalin et al. further discloses the trusted root node is a trusted certificate authority [par. 0034, “Certificates are issued by certificate authorities. A certificate authority (CA) is an entity, usually a trusted third party to a transaction”, par. 0060, “the target certificate is checked for validity with respect to the cached information about the target certificate's purported issuer”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 5, the rejection of claim 3 is incorporated. Nadalin et al. further discloses the stored trust indication regarding the public key certificate of the ground entity is a trust indication regarding a PKI path between the public key certificate of the ground entity and a trusted root node [par. 0060, “ If it is determined at step 620 that the certificate validation service has previously cached information about the target certificate's issuer, then a determination is made as to whether or not there is a valid and trusted relationship between the target certificate's issuer and the target certificate (step 622); in other words, the target certificate is checked for validity with respect to the cached information about the target certificate's purported issuer”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 6, the rejection of claim 1 is incorporated. Graniano et al. further discloses the secure communication between the aircraft and the ground entity is a Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) based secure communication [col. 7, lines 57-62, “The communication protocol used to establish the digital identity 114 and/or the secure communication session 110 may be the Hypertext Transfer Protocol (HTTP), the Transport Layer Security (TLS), the Datagram Transport Layer Security (DTLS)”]. Regarding claim 7, the rejection of claim 1 is incorporated. Graniano et al. further discloses re-sending the public key certificate of the ground entity from the ground entity to the trusted responder in predefined intervals [col. 9, lines 41-45, “After the predetermined amount of time has elapsed, the session manager 212 may resend the request for the public certificate to the ground-based server”, col. 10, lines 25-33, The enrollment engine 226 of the ground-based server 106 may forward or transmit the public certificate 240 to the LRU 104]; and at the trusted responder: re-validating the public key certificate of the ground entity [col.; 16, lines 4-5, “The certificate validator 214 may re-validate the public certificate”]; and storing an updated trust indication regarding the public key certificate of the ground entity in the validation database. [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]. Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 8, the rejection of claim 1 is incorporated. Graniano et al. further discloses sending a new public key certificate of the ground entity from the ground entity to the trusted responder; [col. 2, lines 20-21, “new certificate request”, col. 10, lines 25-33, The enrollment engine 226 of the ground-based server 106 may forward or transmit the public certificate 240 to the LRU 104]; and at the trusted responder: validating the new public key certificate of the ground entity; [col.; 16, lines 4-5, “The certificate validator 214 may re-validate the public certificate”]; and storing an updated trust indication regarding the new public key certificate of the ground entity in the validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]. Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 12, the rejection of claim 1 is incorporated. Graniano et al. further discloses the validation request regarding the public key certificate of the ground entity is sent from the ground entity to the trusted responder in response to receiving a communication initialization message from the aircraft [col. 1, lines 7-9, “To establish a digital identity in aeronautical environments, an airborne unit may transmit a request for a digital certificate to ground-based infrastructure”, col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”, col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]. Regarding claim 14, the rejection of claim 12 is incorporated. Graniano et al. further discloses the trusted responder is indicated in a listing of at least one potential trusted responder; and wherein said listing is included in the communication initialization message received from the aircraft [col. 5, lines 18-36, “The aircraft 102 may be any type of aircraft… with one or more line-replaceable units (LRUs) 104... Each LRU 104 may contain or include one or more processors and memory with instructions for processing data on flight operations, maintenance, and diagnostics received from other avionics hardware units of the aircraft 102”, col. 6, lines 4-10, “The LRU 104 may also generate a certificate signing request (CSR) containing an identifier for the LRU 104 (e.g., a distinguished name, a geographic address, unique name) and the public key to be assigned to the LRU 104. Once generated, the LRU 104 may transmit the request to the ground-based server 106”]. Regarding claim 17, the rejection of claim 1 is incorporated. Graniano et al. further discloses the validation request regarding the public key certificate of the ground entity is sent from the aircraft to the trusted responder [col. 22, lines 6-10, “the ground-based server may transmit a public certificate from a certificate authority responsive to the request from the LRU. In response to the request to establish the digital identity, the ground-based server may forward the request to the certificate authority”]. Regarding claim 18, the rejection of claim 1 is incorporated. Graniano et al. further discloses the validation response is sent from the trusted responder to the aircraft [col. 22, lines 6-10, “The certificate authority may generate the public certificate to send to the ground-based server. The public certificate may include the request including the public key, the identifier for the LRU and the digital signature of the LRU, as well as a digital certificate uniquely assigned to the certificate authority. The ground-based server may send the public certificate received from the certificate authority to the LRU”]. Regarding claim 19, Graniano et al. discloses A method of operating a trusted responder for facilitating a secure communication between an aircraft and a ground entity [abs, “Systems and methods of managing enrollment of digital identities (e.g., for aeronautical communication) can involve a line-replaceable unit (LRU) in an aircraft establishing a digital identity with a ground-based server by requesting a public certificate from the ground-based server”], the method comprising: receiving a public key certificate of the ground entity from the ground entity [col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”]; validating the public key certificate of the ground entity; storing a trust indication regarding the public key certificate of the ground entity in a validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; the validation request associated with the secure communication between the aircraft and the ground entity, wherein the validation response is based on the trust indication regarding the public key certificate of the ground entity from the validation database [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Graniano et al. does not explicitly disclose storing in a pre-cached validation database and maintaining the pre-cached validation database for providing a validation response regarding the public key certificate of the ground entity when a validation request reaches the trusted responder. However, Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database], and at the trusted responder, maintaining the pre-cached validation database for providing a validation response regarding the public key certificate of the ground entity when a validation request reaches the trusted responder, wherein the validation response is based on the trust indication regarding the public key certificate of the ground entity stored in the pre-cached validation database [par. 0058, “the certificate validation service looks up the target certificate within validated certificate information cache 420 using information from the target certificate and obtains a reference or link to the appropriate certificate chain in validated certificate chain cache 422, which would have been associated with or related to the previously cached information for the target certificate in validated certificate information cache 420 during the processing of a previous certificate validation request. Since certain certificate validation-related tasks have already been performed on the cached certificate chain information during the processing of a previous certificate validation request, e.g., the verification of digital signatures on the certificates, significant savings in processing time can be obtained with the use of the certificate validation service”, par. 0059, the certificate validation service generates a validation response message with a positive status indication (step 612) and returns the validation response message to the client]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Regarding claim 20, Graniano et al. discloses A method of operating a ground entity for facilitating a secure communication between an aircraft and the ground entity [abs, “Systems and methods of managing enrollment of digital identities (e.g., for aeronautical communication) can involve a line-replaceable unit (LRU) in an aircraft establishing a digital identity with a ground-based server by requesting a public certificate from the ground-based server”], the method comprising: sending a public key certificate of the ground entity to a trusted responder for the trusted responder to validate the public key certificate of the ground entity and to store a trust indication regarding the public key certificate of the ground entity in a pre-cached validation database [col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”, col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; wherein the sending of the public key certificate of the ground entity to the trusted responder is independent from a validation request regarding the public key certificate of the ground entity, the validation request associated with the secure communication between the aircraft and the ground entity [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Graniano et al. does not explicitly disclose storing in a pre-cached validation database. However, Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Graniano et al. (US 10,951,418 B1) and Nadalin et al. (US 2005/0278534 A1) as applied to claims 1, 3-8, 12, 14 and 17-20 above, and further in view of Kwan (US 2002/0184182 A1). Regarding claim 2, the rejection of claim 1 is incorporated. Graniano et al. and Nadalin et al. discloses sending a public key certificate of the ground entity from the ground entity to a trusted responder. They do not explicitly disclose the trusted responder is an Online Certificate Status Protocol (OCSP) trusted responder; and wherein the validation request and the validation response are an OCSP validation request and an OCSP validation response, respectively. However, Kwan teaches the trusted responder is an Online Certificate Status Protocol (OCSP) trusted responder; and wherein the validation request and the validation response are an OCSP validation request and an OCSP validation response, respectively [claim 16, “an OCSP responder configured to receive the online certificate status protocol request associated with the digital certificate… return an LDAP database query result indicating whether the digital certificate is valid”, claim 14, “store a database record reflecting an identity of the new digital certificate, receive the database query based on the online certificate status protocol request… and return an indication of the database record to the first computer when the database record reflecting the requested digital certificate is found to indicate validity of the requested digital certificate”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Kwan into the teaching of Graniano et al. and Nadalin et al. with the motivation for answering online certificate status requests without certificate revocation lists as taught by Kwan [Kwan: claim 14]. Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Graniano et al. (US 10,951,418 B1) and Nadalin et al. (US 2005/0278534 A1) as applied to claims 1, 3-8, 12, 14 and 17-20 above, and further in view of Edstrom et al. (US 2011/0154026 A1). Regarding claim 9, the rejection of claim 1 is incorporated. Graniano et al. discloses a plurality of trusted responders [col. 5, lines 18-36, “The aircraft 102 may be any type of aircraft… with one or more line-replaceable units (LRUs) 104... Each LRU 104 may contain or include one or more processors and memory with instructions for processing data on flight operations, maintenance, and diagnostics received from other avionics hardware units of the aircraft 102”], sending a public key certificate of the ground entity from the ground entity to a trusted responder [col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”]; validating, at each of the plurality of trusted responders, the public key certificate of the ground entity; storing, at each of the plurality of trusted responders, a respective trust indication regarding the public key certificate of the ground entity in a respective validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; wherein the validation response is associated with the secure communication between the aircraft and the ground entity, and wherein the validation response is based on the respective trust indication regarding the public key certificate of the ground entity from the respective validation database [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database], maintaining, at each of the plurality of trusted responders, the respective pre-cached validation database for providing a validation response regarding the public key certificate of the ground entity when a validation request reaches the respective trusted responder, and wherein the validation response is based on the respective trust indication regarding the public key certificate of the ground entity from the respective pre- cached validation database. [par. 0058, “the certificate validation service looks up the target certificate within validated certificate information cache 420 using information from the target certificate and obtains a reference or link to the appropriate certificate chain in validated certificate chain cache 422, which would have been associated with or related to the previously cached information for the target certificate in validated certificate information cache 420 during the processing of a previous certificate validation request. Since certain certificate validation-related tasks have already been performed on the cached certificate chain information during the processing of a previous certificate validation request, e.g., the verification of digital signatures on the certificates, significant savings in processing time can be obtained with the use of the certificate validation service”, par. 0059, the certificate validation service generates a validation response message with a positive status indication (step 612) and returns the validation response message to the client]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. They do not explicitly disclose sending the public key certificate to a plurality of trusted responders. However, Edstrom et al. teaches sending the public key certificate to a plurality of trusted responders [par. 0010, “a plurality of Online Certificate Status Protocol (OCSP) responders for determining a status of a client certificate responsive to receiving the client certificate”, par. 0245, “identifies one or more OCSP responders in response to receiving a certificate”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Edstrom et al. into the teaching of Graniano et al. and Nadalin et al. with the motivation to more efficiently perform OCSP processing and validation between clients and servers as taught by Edstrom et al. [Edstrom et al.: par. 0003]. Claims 10-11 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Graniano et al. (US 10,951,418 B1) and Nadalin et al. (US 2005/0278534 A1) as applied to claims 1, 3-8, 12, 14 and 17-20 above, and further in view of Kostanic et al. (US 2022/0317290 A1). Regarding claim 10, the rejection of claim 1 is incorporated. Graniano et al. discloses receiving, at the trusted responder, a respective public key certificate [col. 6, lines 23-24, “The ground-based server 106 may forward the public certificate to the LRU 104”]; validating, at the trusted responder and for each of the plurality of ground entities, the respective public key certificate; storing, at the trusted responder, a respective trust indication regarding the respective public key certificate of the respective ground entity in the validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; and wherein the validation response is based on the respective trust indication regarding the public key certificate of the ground entity from the respective validation database [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database], maintaining, at the trusted responder, the pre-cached validation database for providing respective validation responses regarding the respective public key certificates of the plurality of ground entities, wherein the respective validation responses are based on the respective trust indications regarding the respective public key certificates of the plurality of ground entities from the pre- cached validation database [par. 0058, “the certificate validation service looks up the target certificate within validated certificate information cache 420 using information from the target certificate and obtains a reference or link to the appropriate certificate chain in validated certificate chain cache 422, which would have been associated with or related to the previously cached information for the target certificate in validated certificate information cache 420 during the processing of a previous certificate validation request. Since certain certificate validation-related tasks have already been performed on the cached certificate chain information during the processing of a previous certificate validation request, e.g., the verification of digital signatures on the certificates, significant savings in processing time can be obtained with the use of the certificate validation service”, par. 0059, the certificate validation service generates a validation response message with a positive status indication (step 612) and returns the validation response message to the client]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. They do not explicitly disclose receiving, at the trusted responder, a respective public key certificate from each of a plurality of ground entities. However, Kostanic et al. teaches receiving, at the trusted responder, a respective public key certificate from each of a plurality of ground entities [par. 0356, “the enhanced LDACS system operating in a peer-to-peer communications system may broadcast information… The private data may be secured with a short-term encryption certificate only known to appropriate entities. The certificate becomes part of the pre-flight planning and the enhanced LDACS system may be updated for each flight or updated more frequently if desired”, par. 0469, “a number of LDACS ground stations 1304 are shown and numbered one, two and “n” and may communicate with respective ground communication networks that are associated with respective LDACS ground stations. A number of LDACS airborne stations 1308 are shown and numbered one, two and “n” indicative that any number of airborne stations may be present. The enhanced LDACS system 1300 includes a network controller 1320 configured to operate the plurality of LDACS ground stations 1304”, par. 0245, “identifies one or more OCSP responders in response to receiving a certificate”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Kostanic et al. into the teaching of Graniano et al. and Nadalin et al. with the motivation to have secured private communications for aircraft operators and ANSPs as taught by Kostanic et al. [Kostanic et al.: par. 0148]. Regarding claim 11, the rejection of claim 1 is incorporated. Graniano et al. discloses receiving, at the trusted responder, a respective aircraft public key certificate from aircraft [col. 21, line 65-col. 22, line 5, “a ground-based server may receive a request to establish a digital identity from a LRU of an aircraft. The digital identity may in accordance to any public key infrastructure (PKI) based communication protocol. The request to establish the digital identity may include a public key generated by the LRU, an identifier for the LRU, and a digital signature uniquely associated with the LRU”]; validating, at the trusted responder and for each of the plurality of aircraft, the respective aircraft public key certificate; storing, at the trusted responder, a respective aircraft trust indication regarding the respective aircraft public key certificate of the respective aircraft in the validation database [col. 6, lines 25-28, “The LRU 104 may validate the public certificate to ensure the establishment of the digital identity 114 with the ground-based server 106. The LRU 104 may store the public certificate as part of the digital identity 114”]; wherein the respective validation responses are based on the respective trust indications regarding the respective aircraft public key certificates of the plurality of aircraft from the validation database [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. Nadalin et al. teaches storing in a pre-cached validation database [par. 0051, “Validated certificate information cache 420 records information about end entity certificates that were successfully validated, i.e. those certificates that were presented to certificate validation service 406 for validation and then subsequently successfully validated”, par. 0061, database], maintaining, at the trusted responder, the pre-cached validation database for providing respective validation responses regarding the respective aircraft public key certificates of the plurality of aircraft, wherein the respective validation responses are based on the respective trust indications regarding the respective aircraft public key certificates of the plurality of aircraft from the pre- cached validation database [par. 0058, “the certificate validation service looks up the target certificate within validated certificate information cache 420 using information from the target certificate and obtains a reference or link to the appropriate certificate chain in validated certificate chain cache 422, which would have been associated with or related to the previously cached information for the target certificate in validated certificate information cache 420 during the processing of a previous certificate validation request. Since certain certificate validation-related tasks have already been performed on the cached certificate chain information during the processing of a previous certificate validation request, e.g., the verification of digital signatures on the certificates, significant savings in processing time can be obtained with the use of the certificate validation service”, par. 0059, the certificate validation service generates a validation response message with a positive status indication (step 612) and returns the validation response message to the client]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Nadalin et al. into the teaching of Graniano et al. with the motivation to cache information about previously validated certificates and the associated certificate chains, thereby enhancing the efficiency of the service as taught by Nadalin et al. [Nadalin et al.: par. 0011]. They do not explicitly disclose receiving, at the trusted responder, a respective aircraft public key certificate from each of a plurality of aircraft. However, Kostanic et al. teaches receiving, at the trusted responder, a respective aircraft public key certificate from each of a plurality of aircraft [par. 0356, “the enhanced LDACS system operating in a peer-to-peer communications system may broadcast information… The private data may be secured with a short-term encryption certificate only known to appropriate entities. The certificate becomes part of the pre-flight planning and the enhanced LDACS system may be updated for each flight or updated more frequently if desired”, par. 0469, “a number of LDACS ground stations 1304 are shown and numbered one, two and “n” and may communicate with respective ground communication networks that are associated with respective LDACS ground stations. A number of LDACS airborne stations 1308 are shown and numbered one, two and “n” indicative that any number of airborne stations may be present. The enhanced LDACS system 1300 includes a network controller 1320 configured to operate the plurality of LDACS ground stations 1304”, par. 0245, “identifies one or more OCSP responders in response to receiving a certificate”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Kostanic et al. into the teaching of Graniano et al. and Nadalin et al. with the motivation to have secured private communications for aircraft operators and ANSPs as taught by Kostanic et al. [Kostanic et al.: par. 0148]. Regarding claim 13, the rejection of claim 11 is incorporated. Graniano et al. discloses the trusted responder is indicated in the communication initialization message from the aircraft [col. 6, lines 4-10, “The LRU 104 may also generate a certificate signing request (CSR) containing an identifier for the LRU 104 (e.g., a distinguished name, a geographic address, unique name) and the public key to be assigned to the LRU 104. Once generated, the LRU 104 may transmit the request to the ground-based server 106”]. Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Graniano et al. (US 10,951,418 B1), Nadalin et al. (US 2005/0278534 A1) and Kostanic et al. (US 2022/0317290 A1) as applied to claims 10-11 and 13 above, and further in view of Edstrom et al. (US 2011/0154026 A1). Regarding claim 16, the rejection of claim 11 is incorporated. Graniano et al. further the validation response is sent from the trusted responder to the ground entity; wherein the validation response is included in a response message to the communication initialization message, the response message sent from the ground entity to the aircraft [col. 13, lines 28-45, “If the public certificate 240 is valid or the validation of the public certificate 240 is successful, the certificate validator 214 may select a status code indicating that the public certificate 240 is valid or the validation of the public certificate 240 is successful… In some embodiments, the status code may also indicate to the ground-based server 106 that the digital identity 114 and/or the secure communication session 110 with the LRU 104 have been established... In some embodiments, the status code may specify the ground-based server 106 to initiate sending of messages via the secure communication session 110”]. They do not explicitly disclose the response message is a server hello message. However, Edstrom et al. teaches the response message is a server hello message [par. 0346, “An SSL handshake 677 may be initialized by a client_hello message generated and transmitted by the client 102. The intermediary 200, operating as a receiving end, may respond with a server-hello message”]. Before the effective filing date of the claimed invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Edstrom et al. into the teaching of Graniano et al., Nadalin et al. and Kostanic et al. with the motivation to more efficiently perform OCSP processing and validation between clients and servers as taught by Edstrom et al. [Edstrom et al.: par. 0003]. Conclusion The prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure: US 20190306708 A1 SYSTEM AND METHOD FOR ENABLING EXTERNAL DEVICE CONNECTIVITY TO AVIONICS SYSTEMS US 20180367530 A1 CERTIFICATE PINNING IN HIGHLY SECURE NETWORK ENVIRONMENTS USING PUBLIC KEY CERTIFICATES OBTAINED FROM A DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL) SERVER US 20180262348 A1 Processing A Security Policy For Certificate Validation Error US 20190260596 A1 SYSTEMS AND METHODS FOR ENHANCED ONLINE CERTIFICATE STATUS PROTOCOL US 20190245700 A1 Managing And Negotiating Certificates US 20180109375 A1 SYSTEMS AND METHODS FOR POST-HOC DEVICE REGISTRATION US 9507859 B1 Speculative Acquisition Of Certificate Validation Information US 20050081037 A1 Method And Apparatus For Accelerating Public-key Certificate Validation US 20050076202 A1 Program Product For Discovering Enterprise Certificates US 20010032310 A1 Public Key Validation Service Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON CHIANG whose telephone number is (571)270-3393. The examiner can normally be reached on 9 AM to 6 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JASON CHIANG/Primary Examiner, Art Unit 2431
Read full office action

Prosecution Timeline

May 05, 2025
Application Filed
Jul 07, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682096
AUGMENTING SYSTEM ACCESS CONTROL PERSPECTIVE
2y 9m to grant Granted Jul 14, 2026
Patent 12676862
Systems and Methods for Anonymous Administrative Login
3y 3m to grant Granted Jul 07, 2026
Patent 12659339
RECORDING SECURITY MANAGEMENT
2y 8m to grant Granted Jun 16, 2026
Patent 12645809
ANALYZING AGGREGATED EVENT DATA TO IDENTIFY AND ADDRESS PERMISSIONS ISSUES
2y 10m to grant Granted Jun 02, 2026
Patent 12647461
TECHNIQUES FOR GENERATING POLICY RECOMMENDATIONS AND INSIGHTS USING GENERATIVE AI
2y 8m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
83%
Grant Probability
99%
With Interview (+28.5%)
2y 6m (~1y 4m remaining)
Median Time to Grant
Low
PTA Risk
Based on 551 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month