Ex Parte 6502135 et alDownload PDFPatent Trial and Appeal BoardFeb 6, 201895001679 (P.T.A.B. Feb. 6, 2018) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ CISCO SYSTEMS, INC., Requester, v. VIRNETX INC., Patent Owner. ____________ Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 Technology Center 3900 ____________ Before STEPHEN C. SIU, DENISE M. POTHIER, and JEREMY J. CURCURI, Administrative Patent Judges. SIU, Administrative Patent Judge DECISION ON APPEAL Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 2 VirnetX, Inc. (“Patent Owner”) appeals under 35 U.S.C. §§ 134 and 315 the Examiner’s rejections of claims 1–9 and 13–18 over various references. App. Br. 3.1 Claims 10–12 are not subject to this reexamination proceeding. See id. at vi. We have jurisdiction under 35 U.S.C. §§ 134 and 315. STATEMENT OF THE CASE This proceeding arose from a July 8, 2011 request by Cisco Systems, Inc. (“Requester”) for an inter partes reexamination of claims of U.S. Patent 6,502,135 B1, titled “Agile Network Protocol for Secure Communications with Assured System Availability” and issued to Edmund Colby Munger, Douglas Charles Schmidt, Robert Dunham Short, III, Victor Larson, and Michael Williamson, on December 31, 2002 (“the ’135 patent”). The ’135 patent describes a method and system for communicating over the internet. Spec. 2:66. Claim 1 reads as follows: 1. A method of transparently creating a virtual private network (VPN) between a client computer and a target computer, comprising the steps of: (1) generating from the client computer a Domain Name Service (DNS) request that requests an IP address corresponding to a domain name associated with the target computer; (2) determining whether the DNS request transmitted in step (1) is requesting access to a secure web site; and 1 Patent Owner’s Appeal Brief, filed December 15, 2015 (App. Br.). Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 3 (3) in response to determining that the DNS request in step (2) is requesting access to a secure target web site, automatically initiating the VPN between the client computer and the target computer. The cited references are as follows: Wesinger US 5,898,830 April 27, 1999 Aziz US 6,119,234 Sept. 12, 2000 Karr US 7,764,231 B1 July 27, 2010 D.E. Denning & G.M. Sacco, “Timestamps in Key Distribution Protocols,” Communications of the ACM, Vol. 24, No. 8, August 1981 (“Denning”). Steven M. Bellovin & Michael Merritt, “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” 1992 IEEE Symposium on Security and Privacy, 1992 (“Bellovin”). Takahiro Kiuchi & Shigekoto Kaihara, “C-HTTP – The Development of a Secure, Closed HTTP-based Network on the Internet,” Proceedings of SNDSS, 1996 (“Kiuchi”). C.I. Dalton & J.F. Griffin, “Applying Military Grade Security to the Internet,” Proceedings of the 89th Joint European Networking Conference (JENC 8), May 1997 (“Dalton”). Eduardo Solana & Jurgen Harms, “Flexible Internet Secure Transactions Based on Collaborative Domains,” Security Protocols Workshop, 1997 (“Solana”). David M. Martin, “A Framework for Local Anonymity in the Internet,” Boston University, February 21, 1998 (“Martin”). Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 4 Patent Owner appeals the Examiner’s rejection of claims as follows: 1. Claims 1–4, 7, 13, 14, and 17 under 35 U.S.C. § 102(b) over Kiuchi; 2. Claims 1–5, 7-9, 13, and 18 under 35 U.S.C. § 102(e) over Wesinger; 3. Claims 1–5, 7, 8, and 18 under 35 U.S.C. § 103 over Solana and Kiuchi; 4. Claims 1–5, 7, and 18 under 35 U.S.C. § 102(e) over Aziz; 5. Claims 5, 8, and 18 under 35 U.S.C. § 103 over Kiuchi and any one of either Dalton or the combination of Dalton and Solana; 6. Claim 6 under 35 U S.C. § 103 over (a) the combination of Kiuchi and Martin with or without Solana, (b) the combination of Wesinger and Martin, or (c) the combination of Aziz and Martin; 7. Claim 9 under 35 U.S.C. § 103 over the combination of Bellovin and any one of (a) Kiuchi, (b) Aziz or (c) the combination of Solana, Kiuchi, and Dalton; 8. Claim 13 under 35 U.S.C. § 103 over Aziz and Kiuchi; 9. Claims 13–15 under 35 U.S.C. § 102(b) over Solana; 10. Claim 16 under 35 U.S.C. § l03 over Solana and Karr; 11. Claim 17 under 35 U.S.C. § 103 over Solana and Denning; ISSUE Did the Examiner err in rejecting claims 1–9 and 13–18? Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 5 ANALYSIS Prior art references Martin Patent Owner argues that although the Martin reference indicates a publication date of “‘21st February 1998’ on its first page, nowhere in Martin is there any indication as to what that date means.” App. Br. 4. However, Patent Owner does not argue persuasively that one of skill in the art, when confronted with a date of “21st February 1998” on a first page of a publication, would need further explanation within the reference as to “what that date means.” Rather, one of skill in the art, being of ordinary creativity and not being an automaton would have understood that “21st February 1998” is a date that specifies the 21st day in the month of February and in the year of 1998. Further, one of skill in the art, being of ordinary creativity and not being an automaton would have understood the context of a date printed on the face of a reference article as being the date on which the date was published. Therefore, we are not persuaded by Patent Owner’s implication that because the Martin reference allegedly lacks a detailed explanation as to “what that date means,” that Requester provided an insufficient showing that the Martin reference was published (and publicly available) on the indicated date. In any event, Requester provides further evidence supporting the contention that the Martin reference was publicly available by the indicated date of “21st February 1998.” In particular, Requester provides a document Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 6 “available through the Wayback Machine” that “establishes that the Martin paper was cataloged in the Boston University Technical Reports Archive and available to the public via the Internet even earlier than the February 21, 1998 date” and a “German thesis, unambiguously dated 1999 . . . cites the Martin paper at page 77.” 3PR Resp. Br. 3.2 Patent Owner does not appear to dispute the contents of Requester’s submitted evidence with respect to this issue. Patent Owner argues that Requester’s evidence with respect to this issue “should be rejected and . . . not be considered” and “it is not a ‘rebuttal’ because Patent Owner contended only that Cisco had failed to satisfy its burden in its request.” App. Br. 5. In other words, Patent Owner now argues that Patent Owner never argued that the Martin reference was not publicly available as of the critical date. Assuming Patent Owner’s contention to be correct that Patent Owner never raised the issue of public availability of the Martin reference, then we need not further consider the issue of public availability of the Martin reference, the public availability of the Martin reference not now or ever having been at issue in this proceeding. Lastly, the Manual of Patent Examining Procedure (MPEP) § 2646(II) states: [N]either the patent owner nor the third party requester has the right to . . . request reconsideration of, a finding that the prior art patents or printed publications raise a SNQ/RLP . . . Where the examiner determines that a reference is a printed publication (i.e., that the criteria for publication has been satisfied), . . . 2 Third Party Requester Cisco Systems, Inc.’s Corrected Respondent Brief, filed February 9, 2016 (“3PR Resp. Br.”). Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 7 [t]hese matters cannot be questioned with respect to vacating the order granting reexamination.” MPEP § 2646(II), Rev. 07.2015 (Oct. 2015). Thus, to the extent the above Patent Owner’s arguments asserting Requester’s purported failure “to satisfy its burden in its request” (App. Br. 5) contends that Martin fails to raise a SNQ/RLP and this reexamination proceeding should not vacated on these grounds, Patent Owner is not permitted to question these matters. See id.; see also 35 U.S.C. § 312 (pre-AIA). Dalton Patent Owner argues that Requester “provided no evidence that Dalton was publicly accessible as of the alleged date [of October 30, 1998].” App. Br. 5. To the extent that Patent Owner argues that the Dalton reference was not publicly accessible “as of the alleged date [of October 30, 1998],” Requester provides further evidence supporting the contention that the Dalton reference was publicly available prior to the priority date of the ’135 patent. In particular, Requester argues that “[t]he Dalton paper was originally disseminated with the Proceedings of the 8th Joint European Networking Conference (JENC 8) held May 12-15, 1997” and provides “a copy of the Dalton reference as it was published by Elsevier, indicating on its face that the Dalton paper was received on July 1, 1997 and republished in Volume 29 of the journal in 1997 at pages 1799-1808.” 3PR Resp. Br. 3–4. Requester also “provides an E2S Consortium publication, unambiguously dated 1997, that cites the Dalton paper at page 67.” 3PR Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 8 Resp. Br. 3–4. Patent Owner does not appear to dispute the contents of Requester’s submitted evidence with respect to this issue. Patent Owner argues that Petitioner’s “evidence should have been provided with Cisco’s Request” but does not explain sufficiently why Requester’s evidence pertaining to the public availability of the Dalton reference should have been submitted prior to the point in time of the proceeding at which Patent Owner allegedly raised the issue. App. Br. 5. To the extent that Patent Owner now argues that Patent Owner never raised the issue of public availability of the Dalton reference in the course of this proceeding, we need not further address this “issue,” the “issue” never having been raised in the first place. Solana Patent Owner argues that Requester “provided no evidence that Solana was publicly accessible more than one year prior to the alleged earliest effective date of Feb. 25, 2000.” App. Br. 6. To the extent that Patent Owner argues that the Solana reference was not publicly accessible as of “the alleged earliest effective date of Feb. 25, 2000,” Requester provides further evidence supporting the contention that the Solana reference was publicly available prior to the priority date of the ’135 patent. In particular, Requester argues that “[t]he Solana reference was made available to the public in 1997 as part of the proceedings of the 5th International Workshop on Security Protocols” and provides a copy of the cover of the bound volume for the 5th Internet Workshop on Security Protocols, indicating that the proceedings occurred in April 1997; a title page from the bound Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 9 volume indicating that the 5th International Workshop was held in Paris, France from April 7-9, 1997; a copyright page that includes ISBN number 3-540-64040-1 which corresponds to a February, 1998 publication date for the bound volume; . . . the table of contents showing the Solana paper begins on page 37 . . . [; and] a copy of the ISBN number search results which indicate that ISBN number 3-540-64040-1 corresponds to a publication date of February 1998. 3PR Resp. Br. 4. Patent Owner does not appear to dispute the contents of Requester’s submitted evidence with respect to this issue. Patent Owner argues that Petitioner’s “evidence should have been provided with Cisco’s Request” but does not explain sufficiently why Requester’s evidence pertaining to the public availability of the Dalton reference should have been submitted prior to the point in time of the proceeding at which Patent Owner allegedly raised the issue. App. Br. 6. To the extent that Patent Owner now argues that Patent Owner never raised the issue of public availability of the Solana reference in the course of this proceeding, we need not further address this “issue,” the “issue” never having been raised in the first place. Solana (claims 13–15); Solana and Dalton (claim 16); Solana and Denning (claim 17) Claim 13 recites a “central computer” receiving “a request to establish a connection.” We agree that Solana discloses general methods to “provide Internet transactions with adequate security features” including “the provision of secure end-to-end transactions” in which an “initiator generates a session key . . . a header containing the session key . . . the UNI of the Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 10 responder . . . [and a] header.” Solana 37, 43, 45. Hence, Solana discloses a method for establishing a secure connection (i.e., a “secure end-to-end transaction”) in which an initiating device sends data that results in the formation of the secure connection. Patent Owner argues that Solana discloses a “packet shown arriving at the D-DBS’ in Figure 2a” but that this “packet” “does not include a request to establish a connection.” App. Br. 41. Patent Owner also argues that Solana discloses a “destination address and a session key” and a “header” but that “the mere inclusion of a destination address in the header . . . does not transform the packet into a request for connection.” App. Br. 41. We are not persuaded by Patent Owner’s argument at least because Patent Owner does not explain persuasively how the initiating device sending data that results in establishing a secure connection differs from a “request” to do so. In both cases, an initiating device provides a transmission that results in the establishment of a secure connection. Claim 13 recites a method involving a computer that maintains “authentication tables each corresponding to one of the client computers” and authenticating “with reference to one of the . . . authentication tables.” Patent Owner argues that Solana discloses a Local Authentication Database (i.e., “LAD”) but fails to disclose “authentication tables,” as recited in claim 13. App. Br. 42. Hence, Patent Owner argues that the Local Authentication Database of Solana differs materially from the claimed authentication table. Solana discloses a Local Authentication Database (LAD) “that will contain for each principal (UNI) the local authentication credentials” in which reference to an LAD “verif[ies] the identity of [the] principals inside Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 11 its domain.” Solana 43–44. Hence, Solana discloses an LAD that contains authentication data for each “principal” (e.g., an index/table). Similarly, claim 13 recites an authentication table corresponding to a client computer (or corresponding to a principal) and authenticating a computer (or principal) with reference to one of the authentication tables (or with reference to a corresponding LAD in Solana). Patent Owner fails to explain sufficient distinguishing characteristics between the claimed “authentication table” and the “LAD” of Solana. Patent Owner argues that Solana fails to disclose “that the alleged request to establish a connection . . . is authenticated using the LAD entries.” App. Br. 43. As Patent Owner points out, claim 13 recites “authenticating, with reference to one of the . . . authentication tables, that the request received in step (1) is from an authorized client.” App. Br. 43. As previously discussed, Solana discloses this feature. For example, Solana discloses that reference to an LAD “verif[ies] the identity of the principals in its domain.” Solana 43–44. In other words, Solana discloses authenticating (or “verifying”) that the request is from an authorized client with reference to an authentication table (or with reference to an “LAD”), as recited in claim 13. Patent Owner also argues that Solana fails to disclose each element of claim 13 because, according to Patent Owner, Requester has combined elements from two different embodiments of Solana (namely one embodiment illustrated in Figure 2a of Solana and a second embodiment illustrated in Figure 3a of Solana), which Patent Owner argues is impermissible in establishing anticipation of a claimed invention over a prior Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 12 art reference. App. Br. 44–45. Requester argues that both Figure 2a of Solana and Figure 3a of Solana describe “different tasks” for the same “overall approach ‘to achieve confidentiality and authentication.’” 3PR Resp. 18 (citing Solana 37). Solana discloses that it was known in the art to “provide[] a proof of identity of the entity originating the transaction” and illustrates “different kinds of authentication [that] are possible” in Figure 3a. Solana 46–47. Solana also discloses that it was known in the art to “achieve end-to-end confidentiality using domain collaborations” and describes alternatives “to achieve end-to-end confidentiality using domain collaborations.” Solana 45, Fig. 2a. We agree with Requester that Solana discloses a method of establishing a secure connection between entities in which it was known to those of skill in the art that such a system and method would achieve both “authentication” and “confidentiality” using known methods as disclosed by Solana in Figures 3a and 2a, respectively. In response, Patent Owner reiterates that Requester “impermissibly combine[s] the teachings of two distinct embodiment for an anticipation rejection” because “Figures 2a and 3a represent distinct embodiments in Solana with Figure 2a directed solely to confidential communications, and Figure 3a directed solely to authenticated communications.” Reb. Br. 21. However, Patent Owner does not explain persuasively how Solana’s disclosure of the establishment of a confidential communication link between entities in which users are authenticated constitute “two distinct embodiments.” Rather, Solana disclose potentially multiple approaches to achieving the establishment of a confidential communication link between authenticated entities. Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 13 Dependent claim 15 recites comparing an Internet Protocol (IP) address in a header of each data packet to a table of valid IP addresses maintained in a table in the second computer. Patent Owner does not dispute that Solana discloses a “responder” (i.e., second computer) that “verifies the identity (the UNI) of the initiator,” which “include[s] an IP address” but contends that Solana fails to explicitly disclose that the responder (or second computer) maintains a table of IP addresses, as recited in claim 15. App. Br. 45–47. However, Patent Owner does not explain persuasively that one of skill in the art would not have understood Solana’s computer that verifies the identity of another network entity via identification of an IP address would include the IP address being identified. We agree with the Examiner and Requester that one of skill in the art, given the knowledge that a “responder” uses a corresponding IP address to identify a network entity, would have recognized Solana’s computer included the IP address with which to identify the network entity in some type of data structure (e.g., a table). Otherwise, the responder would have been unable to identify the network entity with the corresponding IP address, the responder not having the corresponding IP address with which to identify the network entity. This would have been in direct contrast to the explicit teaching of Solana that the responder, in fact, identifies the network entity via the corresponding IP address. Patent Owner does not provide further arguments in support of claim 14 with respect to this issue. The Examiner did not err in rejecting claims 13–15 as anticipated by Solana. Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 14 Dependent claim 16 recites “a moving window of valid IP addresses.” The Examiner finds that “Solana teaches . . . valid IP addresses” and that Karr discloses a “moving window of information.” RAN 29 (quoting 3PR April 9, 2014 Response, p. 34).3 Hence, the Examiner finds that one of skill in the art would have known that such information may be used in a “moving window.” See id. Given this teaching, it would have been obvious that information, including known “valid IP address” as disclosed in Solana, would have been provided in a known “moving window,” as taught by Karr. Patent Owner argues that Karr fails to disclose “a moving window of valid IP addresses,” as recited in claim 16. However, as discussed above, the Examiner relies on the combination of Solana and Karr as disclosing or suggesting a “moving window of valid IP addresses” and not on Karr alone. Therefore, even assuming Patent Owner to be correct that Karr, in isolation, fails to disclose or suggest a “moving window of valid IP addresses,” Patent Owner does not assert or demonstrate sufficiently that the combination of Solana and Karr also fails to disclose or suggest the disputed claim limitation. Patent Owner does not provide additional arguments in support of dependent claim 17 with respect to Denning. The Examiner did not err in rejecting claims 13–15 as anticipated by Solana, claim 16 as unpatentable under 35 U.S.C. § 103(a) over Solana and Karr, or claim 17 as unpatentable under 35 U.S.C. § 103(a) over Solana and Denning. 3 Right of Appeal Notice, dated September 15, 2015 (“RAN”). Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 15 Kiuchi (claims 1–4, 7, 13, 14, and 17); Kiuchi and Solana (claims 1–5, 7, 8, and 18); Kiuchi and Dalton (claims 5 and 8); Kiuchi, Solana, and Dalton (claims 5, 8, and 18); Kiuchi and Martin (claim 6); Kiuchi and Bellovin (claim 9) Patent Owner argues that Kiuchi discloses a “client-side proxy” and a “server-side proxy” but fails to disclose a “client computer” or a “target computer,” respectively, as recited in claim 1. Claim 1 recites creating a network between a client computer and a target computer and generating from the client computer a Domain Name Service (DNS) request. Patent Owner argues that the claimed “client computer” must be a “user’s computer” and that Kiuchi fails to disclose a “user’s computer.” App. Br. 10. However, Patent Owner does not explain sufficiently how Kiuchi fails to disclose a “client computer,” which claim 1 recites. As the Examiner points out, Kiuchi discloses a client-side proxy that generates a Domain Name Service (DNS) request. Even assuming that claim 1 recites a “user’s computer” (instead of a “client computer,” which claim 1 actually recites) that generates a Domain Name Service (DNS) request, as Patent Owner appears to allege, Patent Owner does not demonstrate persuasively that the hypothetical “user’s computer” (renamed from “client computer”) differs from the client-side proxy of Kiuchi, which also generates a Domain Name Service (DNS) request. See e.g., Kiuchi 64– 65. Patent Owner argues that the client-side proxy of Kiuchi differs from the claimed “client computer” because “Kiuchi discloses a communication system in which . . . a ‘user agent,’ at one institution is able to securely Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 16 access its target.” App. Br. 11. In other words, Patent Owner argues that Kiuchi discloses a “user agent” that corresponds to the claimed “client computer” such that Kiuchi’s client-side proxy cannot also correspond to the claimed “client computer.” We need not consider whether or not Kiuchi’s “user agent” also discloses the claimed “client computer,” as Patent Owner appears to contend, because Patent Owner does not demonstrate persuasively that Kiuchi’s client-side proxy (equated to the claimed “client computer” by the Examiner) does not generate a Domain Name Service (DNS) request, as recited in claim 1. As noted above, Kiuchi discloses that the client-side proxy performs this recited function. Patent Owner argues that Kiuchi discloses “separate references to the ‘client’ and ‘client-side proxy’ . . . [and] demonstrates that the client-side proxy is not the client itself” such that “Kiuchi . . . distinguishes between a ‘client,’ where an end-user sits, and a ‘client-side proxy,’ which has no end- user.” App. Br. 11–12. In other words, Patent Owner argues that Kiuchi discloses that the “client-side proxy” “has no end-user” and fails to disclose that the “client-side proxy” is “where an end-user sits.” Claim 1 recites “generating from the client computer a Domain Name Service (DNS) request. Claim 1 does not also recite that the client computer must have an “end-user” or that the client computer must be “where an end-user sits.” Indeed, claim 1 does not recite an “end-user” at all. For at least this reason, we are not persuaded by Patent Owner’s argument. Patent Owner argues that the Federal Circuit has held that there was “evidence” that a “web browser” of Kiuchi is “distinguishable from the client-side proxy [of Kiuchi].” App. Br. 12. However, Patent Owner does Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 17 not indicate the probative value of the “evidence” or whether the same evidence is before us. More importantly, the discussed proceeding involved a different patent with a different mapping of Kiuchi to its distinct claim limitations and does not demonstrate persuasively that the “client-side proxy” of Kiuchi is “distinguishable from” the claimed “client computer” in claim 1 of the ’135 patent based on the evidence in the instant record. For at least these reasons, we are not persuaded by Patent Owner’s argument. Claim 1 recites requesting an IP address corresponding to a domain name associated with the target computer. Patent Owner argues that Kiuchi discloses a “URL associated with the origin server . . . not the server-side proxy.” App. Br. 12. However, contrary to Patent Owner’s assertion, Kiuchi discloses that the requested URL is associated with the server-side proxy. For example, Kiuchi discloses a requested “URL” that “specifies” a “host,” the “host” being “the requested server-side proxy [that] is registered in the . . . network.” Kiuchi 65. We are not persuaded by Patent Owner’s argument. Claim 1 recites a “VPN.” Patent Owner argues that Kiuchi fails to disclose a “VPN” because claim 1 supposedly requires the ability “to communicate with the other devices within that same VPN,” that the VPN must be “scalable,” and that devices in the VPN must be “able to communicate with one another without having to discontinue an existing connection or initiate another one.” App. Br. 13. However, Patent Owner does not assert or demonstrate persuasively that claim 1, for example, recites that devices must be “scalable” or must be able to communicate without having to discontinue an existing connection or initiate another one. In any Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 18 event, even assuming that claim 1 recites these hypothetical claim limitations, Patent Owner does not demonstrate persuasively that the devices of Kiuchi are not “scalable” and do not communicate without having to discontinue an existing connection or initiate another one. Rather, Patent Owner contends that Kiuchi discloses a device that allegedly disconnects when the “session is finished.” App. Br. 14. One of skill in the art would have understood that discontinuing a connection after a session is “finished” is distinguishable from discontinuing a connection in order to communicate at all—the two concepts being unrelated to each other. Patent Owner argues that Kiuchi fails to disclose a “VPN” because Kiuchi discloses devices that “do not communicate directly” and fails to disclose devices “directly communicating.” App. Br. 14. Claim 1 does not recite a “directly communicating.” Even assuming that claim 1 recites this hypothetical limitation, Patent Owner does not demonstrate persuasively that the client-side proxy and the server-side proxy (equated by the Examiner to the client and target computers, respectively) do not “directly communicate.” We are not persuaded by Patent Owner’s argument. Claim 1 recites an IP address corresponding to a domain name associated with a target computer. Patent Owner argues that Kiuchi fails to disclose this feature because, according to Patent Owner, the IP address of Kiuchi corresponds to the “origin server” and not the “server-side proxy,” which is equated to the claimed “target computer” by the Examiner. See App. Br. 15–16. We are not persuaded by Patent Owner’s argument. As already noted above, Kiuchi discloses a requested “URL” that “specifies” a “host,” the “host” being “the requested server-side proxy [that] is registered Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 19 in the . . . network.” Kiuchi 65. In any event, even assuming that the “URL” of Kiuchi corresponds directly to the “origin server,” as Patent Owner appears to allege, Patent Owner does not assert or demonstrate persuasively that the “URL” is not “associated with” the server-side proxy. Regardless, Kiuchi discloses that the server-side proxy communicates with the origin server inside the firewall. Kiuchi 66. Hence, Kiuchi’s server-side proxy is “associated with” the origin server and its associated “URL.” Patent Owner argues that Kiuchi fails to disclose determining whether the DNS request is requesting access to a secure web site, as recited in claim 1, because the “server-side proxy” of Kiuchi is supposedly not a “secure web site.” App. Br. 17. Kiuchi discloses that a “connection is established” between the client-side proxy and the server-side proxy in which “a client- side proxy forwards . . . requests [to the server-side proxy] in encrypted form using C-HTTP format” and that the “server-side proxy communicates with an origin server inside the firewall” (Kiuchi 66), such that communication between the client-side proxy and the server-side proxy is encrypted and the server-side proxy communicates with devices (e.g., origin server) behind the firewall. One of skill in the art would have understood that a device that communicates with encrypted transmissions and communicates with devices behind a firewall would be secure. Patent Owner argues that Kiuchi fails to disclose that the server-side proxy is a secure web site because the server-side proxy of Kiuchi, according to Patent Owner is not “one or more web pages at a location on the World Wide Web.” App. Br. 17–18. Claim 1 recites a domain name associated with at target computer. Hence, claim 1 requires that the target Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 20 computer is associated with a domain name. Claim 1 does not also require that the target computer is “one or more web pages at a location on the World Wide Web.” Hence, we are not persuaded by Patent Owner’s contention. Patent Owner argues that Kiuchi fails to disclose a “DNS request.” App. Br. 19. Claim 1 recites a Domain Name Service (DNS) request that requests an IP address corresponding to a domain name associated with the target computer. Kiuchi discloses that a “client-side proxy asks the . . . name server whether it can communicate with the host specified in a given URL . . . (and if) the connection is permitted, the . . . name server sends the [requested] IP address . . . .” Kiuchi 65. In other words, Kiuchi discloses a “request” (i.e., “asks” the server) for an IP address (i.e., the requested “IP address” of Kiuchi) associated with the target computer (i.e., “server-side proxy”). Patent Owner argues that “Kiuchi does not expressly disclose the ‘DNS request’ . . . [because] Kiuchi . . . repeatedly differentiates its C-HTTP features from DNS,” that “Kiuchi explains that the C-HTTP name service is used ‘instead of DNS,’” that “the ‘DNS name service is not used for hostname resolution,’” and that “a ‘DNS lookup’ is only performed after a permission request to the C-HTTP name server fails.” App. Br. 19. However, Patent Owner does not explain persuasively how the request of Kiuchi (i.e., “asks” the server) differs from the claimed “DNS request” that, like Kiuchi, requests an IP address corresponding to a desired domain name. Dependent claim 2 recites that “steps (2) and (3) [of claim 1] are performed at a DNS server separate from the client computer” and claim 1 Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 21 recites “automatically initiating the VPN between the client computer and the target computer.” As the Examiner explains, Kiuchi discloses that the “client-side proxy asks the C-HTTP name server whether it can communicate” and “[i]f the connection is permitted, the C-HTTP name server sends the IP address and public key of the server-side proxy and . . . Nonce values” and that, subsequently, “the connection is established.” Kiuchi 65, 66. In other words, Kiuchi discloses that a “client-side proxy” sends a request to a C-HTTP name server for a secure connection with a target computer (i.e., “asks” the name server) and, in response, the C-HTTP name server “initiates” the connection (i.e., sends the IP address, public key, and Nonce values prior to “the connection [being] established”). Patent Owner argues that Kiuchi fails to disclose “automatically initiating the VPN,” as recited in claim 2 (and claim 1) because “[t]he mere sending of Nonce values by the C-HTTP name server to the client-side proxy does not initiate a VPN between the client-side and server-side proxies.” App. Br. 20. However, Patent Owner does not explain persuasively how the “C-HTTP name server” performing a step (i.e., sending values) that subsequently results in “the connection [being] established” differs from the claim feature of automatically initiating a connection. In both cases, a step is performed by a server that results in the subsequent formation of a secure connection between devices. Dependent claim 3 recites returning the IP address in response to determining that the DNS request in step (2) is not requesting access to a secure target web site. As the Examiner points out, Kiuchi discloses a “client-side proxy asks . . . whether it can communicate” and “[i]f the Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 22 connection is permitted, the C-HTTP name server sends the IP address.” Kiuchi 65. Hence, Kiuchi discloses returning a requested IP address in response to determining that the connection is permitted (i.e., not requesting access to a secure target web site). One of skill in the art would have understood that a user without access to a secure site would not be permitted to access the secure site, the user not having access to the secure site in the first place. Since Kiuchi discloses returning the requested IP address “if the connection is permitted,” one of skill in the art would have understood that the “permitted” connection is not to a secure site to which the user is not permitted access. Regarding dependent claim 4, Patent Owner reiterates arguments that Kiuchi supposedly fails to disclose a “client computer.” We are not persuaded by Patent Owner’s arguments for at least the previously discussed reasons. Claim 13 recites a method involving a computer that maintains “authentication tables each corresponding to one of the client computers” and authenticating “with reference to one of the . . . authentication tables.” As the Examiner explains, Kiuchi discloses a method involving a computer (i.e., a “C-HTTP name server”) that sends an “IP address” corresponding to a request. One of skill in the art would have understood that in order to send an IP address corresponding to a request, the C-HTTP name server would maintain the IP address data with corresponding (requested) domain names. Otherwise, the C-HTTP name server would not maintain such data and would not be capable of returning the desired IP address. This would be Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 23 contrary to Kiuchi’s explicit disclosure that the desired IP address is, in fact, returned. Patent Owner argues that Kiuchi fails to disclose a “table,” as recited in claim 13. App. Br. 22. As previously discussed, claim 13 requires that an “authentication table” corresponds to one of the client computers and authenticating is “with reference to” one of the authentication tables. Kiuchi discloses that IP address data and corresponding (requested) domain names are maintained by the C-HTTP name server and that authentication is with reference to the requested domain name and corresponding IP address data. Patent Owner does not explain a sufficient difference between the “table,” as recited in claim 13 and the data maintained by the C-HTTP name server of Kiuchi, both of which are maintained by a “computer” and both of which are “referenced” in the process of authenticating. Patent Owner appears to argue that the data maintained by Kiuchi differs from the claimed “tables” because Kiuchi fails to disclose the precise term “table.” We are not persuaded by Patent Owner. For a prior art reference to anticipate in terms of 35 U.S.C. § 102, every element of the claimed invention must be identically shown in a single reference. However, this is not an “ipsissimis verbis” test. In re Bond, 910 F.2d 831, 832 (Fed. Cir. 1990). Therefore, it is immaterial whether or not Kiuchi discloses the term “table” or not. Patent Owner argues that Kiuchi fails to disclose a “central computer” that “receives a request to establish a connection,” as recited in claim 13. App. Br. 24. Specifically, Patent Owner argues that Kiuchi discloses a client-side proxy “sends a request for connection to the server-side proxy” Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 24 but that the request is not “received at the C-HTTP name server (the alleged ‘central computer’).” App. Br. 24. As previously discussed, Kiuchi discloses that the “client-side proxy asks the C-HTTP name server whether it can communicate . . . .” Kiuchi 65. One of skill in the art would have understood that when a device “asks” another device, the device would be sending a “request” to the other device. Hence, we are not persuaded by Patent Owner’s argument that Kiuchi supposedly fails to disclose that a request is “received at the C-HTTP name server (the alleged ‘central computer’).” Patent Owner argues that Martin fails to disclose an “IP address hopping scheme,” as recited in dependent claim 6, because, according to Patent Owner, Martin discloses that “the client chooses an address at the outset that does not change.” App. Br. 27. Claim 6 recites an “IP address hopping scheme” but does not appear to also recite that a client must not choose an address at the outset that does not change. In fact, claim 6 does not appear to recite changing an address at all. Therefore, we need not consider whether or not Martin discloses this hypothetical claim limitation. Patent Owner also argues that Martin discloses “selection and use of an address” but fails to disclose “any ‘hops’ at all.” App. Br. 27. However, Patent Owner does not explain a sufficient difference between choosing “a random source address/port pair” (that Patent Owner alleges Martin discloses) and the claimed IP address hopping scheme. App. Br. 27. Dependent claim 5 recites determining whether the client computer is authorized to resolve addresses of non secure target computers and, if not so authorized, returning an error from the DNS request. Patent Owner argues Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 25 that Kiuchi discloses “a ‘closed group of institutions on the Internet’ for C- HTTP connections” and Dalton discloses “that some clients may have access to resources outside the system.” Patent Owner further extrapolates Dalton’s disclosure to solely include “open-access system[s]” and argues that “Kiuchi does not contemplate an open-access system such as [systems disclosed by] Dalton.” App. Br. 25. To the extent that Patent Owner argues that Kiuchi teaches away from Dalton (or vice versa), we are not persuaded by Patent Owner’s arguments for at least the reasons set forth by Requester. 3PR Resp. Br. 10–11. For example, Kiuchi discloses a network in which users may communicate via secure communications. See, e.g., Kiuchi 64 (“[a] client-side proxy and server-side proxy communicate with each other using a secure, encrypted protocol”). Dalton also discloses network communication “that is secure enough to implement services that are accessed over the Internet.” Dalton Abstract. In other words, both Kiuchi and Dalton disclose network systems in which users communicate via secure communications. Patent Owner does not adequately explain how one network system for secure communications (e.g., Dalton) “teaches away” from another network system for secure communications (e.g., Kiuchi). In both cases, a network system is provided in which users communicate securely. To the extent that Patent Owner argues that Kiuchi discloses a “closed system,” that Dalton discloses an “open system” and that it would not have been obvious to one of skill in the art to have bodily incorporated the alleged “open system” of Dalton with the alleged “closed system” of Kiuchi, we note that “[t]he test for obviousness is not whether the features of a Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 26 secondary reference may be bodily incorporated into the structure of the primary reference; . . . Rather, the test is what the combined teachings of those references would have suggested to those of ordinary skill in the art.” In re Keller, 642 F.2d 413, 425 (CCPA 1981). Hence, we are not persuaded by Patent Owner’s argument. Patent Owner does not provide additional arguments in support of claims 7, 8, 14, or 17 or arguments with respect to the Examiner’s rejection of claim 9 under 35 U.S.C. 103(a) as unpatentable over Kiuchi and Bellovin. App. Br. 24, 26. The Examiner did not err in rejecting claims 1–4, 7, 13, 14, and 17 as anticipated by Kiuchi, claims 5 and 8 as unpatentable over Kiuchi and Dalton, claim 6 as unpatentable over Kiuchi and Martin, or claim 9 as unpatentable over Kiuchi and Bellovin. Patent Owner argues that it would not have been obvious to one of ordinary skill in the art to have combined the teachings of Kiuchi with that of Solana because, according to Patent Owner, “[a]ll transmissions” of Solana are secure and, therefore, “it would have been unnecessary to modify the Solana system . . . to determine whether a . . . request is requesting access to a secure web site.” App. Br. 49–50. However, the Examiner’s rejection of the disputed claims is based on whether it would have been obvious to one of ordinary skill in the art to have combined Kiuchi’s and Solana’s teachings and not whether it would have been necessary to one of ordinary skill in the art to do so. Thus, even assuming Patent Owner’s contention to be correct that it would not have been necessary to determine if a web site is secure, Patent Owner does not argue persuasively that it would also not have been obvious based on references’ teachings to determine if a Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 27 web site is secure. Given that both Kiuchi and Solana disclose secure communications, we agree with the Examiner and Requester that it would have been obvious to one of ordinary skill in the art to have determined if an entity in a secure communication is secure or not. Otherwise, one of ordinary skill in the art would not have known whether or not a network entity is secure, not having determined if the entity is secure in the first place, and would not have ascertained whether or not the communication itself is secure, not having ascertained whether or not the entities involved in the communication themselves are secure. Patent Owner also argues that it would not have been obvious to one of ordinary skill in the art to have combined the teachings of Kiuchi and Solana because, according to Patent Owner, it would not have been necessary to combine the references given that the “initiator” allegedly “already has the . . . UNI when it sends the query.” App. Br. 48. We are not persuaded by Patent Owner’s arguments for reasons previously discussed above. Patent Owner argues that Solana fails to disclose generating a DNS request (App. Br. 48) but does not persuasively argue that Kiuchi also fails to disclose this feature. Thus, even assuming Patent Owner’s contention that Solana fails to disclose this feature, we are not persuaded by Patent Owner that the combination of Kiuchi and Solana also fails to disclose this feature for at least the reasons previously discussed above. Patent Owner does not provide additional arguments in support of claims 5, 8, and 18 with respect to Dalton; claim 9 with respect to Bellovin and/or Dalton; or claim 6 with respect to Martin. The Examiner did not err Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 28 in rejecting claims 1–5, 7, 8, and 18 as unpatentable under 35 U.S.C. § 103(a) over Kiuchi and Solana; claims 5, 8, and 18 as unpatentable under 35 U.S.C. § 103(a) over Kiuchi, Solana, and Dalton; claim 9 as unpatentable under 35 U.S.C. § 103(a) over Kiuchi, Solana, Dalton, and Bellovin; and claim 6 as unpatentable under 35 U.S.C. § 103(a) over Kiuchi, Solana, and Martin. In view of the above, we need not consider the propriety of the Examiner’s non-adoption of the rejection of claims based on other grounds. Cf. In re Gleave, 560 F.3d 1331, 1338 (Fed. Cir. 2009). DECISION We affirm the Examiner’s rejection of claims 1–4, 7, 13, 14, and 17 35 U.S.C. § 102 as anticipated by Kiuchi; claims 5 and 8 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi and Dalton; claim 6 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi and Martin; claim 9 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi and Bellovin; claims 13–15 under 35 U.S.C. § 102 as anticipated by Solana; claims 1–5, 7, 8, and 18 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi and Solana; claims 5, 8, and 18 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi, Solana, and Dalton; claim 9 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi, Solana, Dalton, and Bellovin; claim 6 under 35 U.S.C. § 103(a) as unpatentable over Kiuchi, Solana, and Martin; claim 16 under 35 U.S.C. § 103(a) as unpatentable over Solana and Karr; and claim 17 under 35 U.S.C. § 103(a) as unpatentable over Solana and Denning. Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 29 Requests for extensions of time in this inter partes reexamination proceeding are governed by 37 C.F.R. § 1.956. See 37 C.F.R. § 41.79. In the event neither party files a request for rehearing within the time provided in 37 C.F.R. § 41.79, and this decision becomes final and appealable under 37 C.F.R. § 41.81, a party seeking judicial review must timely serve notice on the Director of the United States Patent and Trademark Office. See 37 C.F.R. §§ 90.1 and 1.983. AFFIRMED Appeal 2017-011862 Reexamination Control 95/001,679 Patent 6,502,135 B1 30 PATENT OWNER: FINNEGAN, HENDERSON, FARABOW, GARRETT & DUNNER LLP 901 NEW YORK AVENUE, NW WASHINGTON DC 20001-4413 THIRD PARTY REQUESTER: SIDLEY AUSTIN LLP 2001 ROSS AVENUE SUITE 3600 DALLAS, TX 75201 kis Copy with citationCopy as parenthetical citation
