Ex Parte Bell et alDownload PDFPatent Trial and Appeal BoardMar 21, 201411042901 (P.T.A.B. Mar. 21, 2014) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte ROBERT T. BELL and DOUGLAS Q. DEXTER1 ____________________ Appeal 2011-009008 Application 11/042,901 Technology Center 2400 ____________________ Before ST. JOHN COURTENAY III, THU A. DANG, and LARRY J. HUME, Administrative Patent Judges. HUME, Administrative Patent Judge. DECISION ON APPEAL This is a decision on appeal under 35 U.S.C. § 134(a) of the Final Rejection of claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-29. The Examiner objected to claims 2, 8, 10, 11, 17, 22, and 25 for their dependence upon a rejected base claim, but are otherwise allowable if rewritten in independent form. Ans. 9. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 The Real Party in Interest is Cisco Technology, Inc. App. Br. 3. Appeal 2011-009008 Application 11/042,901 2 STATEMENT OF THE CASE2 The Invention Appellants’ invention relates to a system and method for obtaining a digital certificate for an endpoint in which a connection is established between a proxy function module and the endpoint. See Abstract. Exemplary Claims Claims 1 and 29, reproduced below, are representative of the subject matter on appeal (emphases added): 1. A method of establishing a digital certificate on an endpoint, the method comprising: establishing a connection between a proxy function module and the endpoint, the proxy function module remotely located from the endpoint, and the proxy function module operable to communicate with the endpoint and a certificate authority, wherein the establishing the connection between the proxy function module and the endpoint further comprises authenticating the proxy function module by: generating digitally signed information at the proxy function module, communicating the digitally signed information to the endpoint, and authenticating the digitally signed information at the endpoint; generating certification information at the endpoint; 2 Our decision refers to Appellants’ Appeal Brief (“App. Br.,” filed Oct. 25, 2010); Reply Brief (“Reply Br.,” filed Mar. 22, 2011); Examiner’s Answer (“Ans.,” mailed Jan. 25, 2011); Final Office Action (“FOA,” mailed May 27, 2010); and the original Specification (“Spec.,” filed Jan. 25, 2005). Appeal 2011-009008 Application 11/042,901 3 transmitting at least a portion of the certification information to the proxy function module, the proxy function module operable to package the at least the portion of certification information in a certificate request and operable to obtain a digital certificate from a certificate authority based on the certificate request; receiving the digital certificate at the endpoint from the proxy function module; and transmitting a request to the proxy function module to obtain an updated digital certificate, the proxy function module operable to package the at least the portion of certification information in a certificate update request and operable to obtain the updated digital certificate from the certificate authority based on the certificate update request. 29. The method of Claim 28, wherein the confirmation information identifies an expiration date of the digital certificate, the method further comprising: generating a second request at the proxy function module at a predetermined time period relative to the expiration date of the digital certificate, the second request requesting that the endpoint seek a new digital certificate; and communicating the second request to the endpoint. Prior Art The Examiner relies upon the following prior art as evidence in rejecting the claims on appeal: Hind US 6,980,660 B1 Dec. 27, 2005 Kadyk US 6,996,841 B1 Feb. 7, 2006 Appeal 2011-009008 Application 11/042,901 4 Rejection on Appeal3 Claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-29 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over the combination of Hind and Kadyk. Ans. 3. ISSUES AND ANALYSIS We only consider those arguments actually made by Appellants in reaching this decision, and we do not consider arguments which Appellants could have made but chose not to make in the Briefs so that any such arguments are deemed to be waived. 37 C.F.R. § 41.37(c)(1)(vii). We have reviewed the Examiner’s rejections in light of Appellants’ arguments that the Examiner has erred. We disagree with Appellants’ arguments with respect to claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-29, and we adopt as our own (1) the findings and reasons set forth by the Examiner in the action from which this appeal is taken and (2) the reasons and rebuttals set forth by the Examiner in the Examiner’s Answer in response to Appellants’ Arguments. However, we highlight and address 3 We note the Examiner indicated allowable subject matter with respect to claims 2, 8, 10, 11, 17, 22, and 25, but objected to these claims for their dependence upon rejected base claims. FOA 3; Ans. 9. However, Appellants state, as one of their “Grounds of Rejection to be Reviewed on Appeal” (App. Br. 18), “3. Are Claims 2-3, 8, 10-12, 17-18, 22, and 25 properly objected to as being dependent upon rejected base claims?” We note claim objections are petitionable, not appealable, and therefore this issue is not before us on appeal. See MPEP § 1002.02(c)(4). Thus, the relief sought by the Appellants would have been properly presented by a petition to the Director under 37 C.F.R. § 1.181 instead of by appeal to this Board. Appeal 2011-009008 Application 11/042,901 5 specific findings and arguments regarding claims 1 and 29 for emphasis as follows. 1. § 103 Rejection of Claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-28 Issue 1 Appellants argue (App. Br. 19-23; Reply Br. 2-5) the Examiner’s rejection of claim 1 under 35 U.S.C. § 103(a) as being unpatentable over the combination of Hind and Kadyk is in error. These contentions present us with the following issues: (a) Did the Examiner err in finding the cited prior art combination teaches or suggests the limitation of “transmitting a request to the proxy function module to obtain an updated digital certificate, the proxy function module operable to . . . obtain the updated digital certificate from the certificate authority based on the certificate update request,” as recited in claim 1? (b) Did the Examiner err in combining Kadyk with Hind because Kadyk allegedly teaches away from the claimed invention? Analysis Issue 1(a) Appellants contend Hind discloses “a method [that] is provided to initialize devices distributed with an embedded radio module which are delivered to a central point, such as an enterprise, prior to distribution to end users.” . . . [and] Hind makes clear that the method described by Figure 1 is a “one-time initialization procedure.” Appeal 2011-009008 Application 11/042,901 6 App. Br. 20 (quoting Hind col. 8, ll. 45-48; col. 11, ll. 60-61). Further, Appellants contend “Hind merely discloses that ‘the device’s certificate may be revoked’ or that ‘the device certificate [may] expire and require the user of the device to periodically renew the device certificate,’” and “[r]equiring a user to periodically renew a revoked or expired device certificate, however, does not disclose, teach, or suggest that the ‘process outline[d] in [Hind] Col. 9, Line 14-51’ is used to update or renew expired or revoked certificates.” Id. Appellants reiterate Hind emphasizes the process is used merely to initialize devices, which does not teach or suggest the disputed limitations of claim 1, and Kadyk does not make up for the purported deficiencies of Hind. App. Br. 20-21. In response, the Examiner finds, and we agree, Appellants’ Specification describes . . . a process of obtaining a digital certificate for an endpoint and in the event that a digital certificate for an endpoint is out-of-date/expired, the expired digital certificate is updated by obtaining a new digital certificate using the same method described in the specification for obtaining a digital certificate. Ans. 7 (citing Spec. 20:16-23) (emphasis omitted). The Examiner further finds, “Hind[] teaches a method of using a proxy module (server) to obtain a certificate for an endpoint (mobile device) from a certificate authority . . . . [which teaches or suggests] the argued limitation.” Id. (citing Hind col 12, ll. 4-18). The Examiner also finds Hind teaches or suggests, “an endpoint certificate may be revoked, expired or out of date and in that case, a certificate update or renewal is required and the update is achieved by the Appeal 2011-009008 Application 11/042,901 7 server obtaining a (up-to-date) digital certificate from the CA [(Certificate Authority)] for the mobile device.” Ans. 7-8. We find Hind teaches or suggests the limitation in dispute because the claim merely requires transmitting a request to the proxy function module to obtain an updated digital certificate, the proxy function module operable to package the at least the portion of certification information in a certificate update request and operable to obtain the updated digital certificate from the certificate authority based on the certificate update request. Claim 1. We find Hind teaches or suggests this limitation because not only does Hind teach sending a request to obtain a digital certificate to the CA, but also teaches or suggests requesting renewal of revoked digital certificates by the user, as cited by the Examiner. Hind col. 12, ll. 4-18. Appellants argue [A]ttempting to use Hind’s one-time initialization procedure to update certificates would be unnecessarily disruptive to the end user [and o]ne of ordinary skill in the art would not use Hind’s one-time initialization procedure to update certificates because it presumably would require pulling the device out of service, returning the device to an off-line administrator, and forcing the device’s user to go without service as the administrator resets and reinitializes the device. Reply Br. 4. We disagree with Appellants’ contentions because Appellants’ assertions amount to unsupported attorney argument, and therefore we give them little weight. See In re Geisler, 116 F.3d 1465, 1470 (Fed. Cir. 1997); see also In re Huang, 100 F.3d 135, 139-40 (Fed. Cir. 1996). In addition, Appellants do not provide any arguments with respect to the specific teachings of Kadyk relied upon by the Examiner, i.e., “Kadyk Appeal 2011-009008 Application 11/042,901 8 teaches a method of establishing a secure connection between a client and a proxy by authenticating a digital certificate sent from the proxy to the client.” Ans. 4. Therefore, we find the combination of Hind and Kadyk teaches or suggests all the limitations of claim 1. Issue 1(b) Appellants contend Kadyk “teaches away from various elements of Appellants’ Claims.” App. Br. 21. In particular, Appellants contend a client as taught by Kadyk only establishes a secure proxy connection that determines where data should be sent, and otherwise merely operates as a transparent byte forwarder which teaches away from the claimed proxy function module that is “operable to package the at least the portion of certification information in a certificate update request and operable to obtain the updated digital certificate from the certificate authority based on the certificate update request.” Therefore, Appellants argue, the Examiner’s combination of Kadyk and Hind is improper. App. Br. 22. In response, the Examiner finds: The use of the secondary reference in this rejection is to show that a secure connection/authentication can be established between the mobile device and server using the authentication process (using digitally signed information sent by the proxy and authenticated by the endpoint) that is disclosed by Kadyk and also well known in the art. Hind as the primary reference discloses all the limitation [sic] of the independent claim including the secure connection/authentication between the mobile and the server. The secondary reference (Kadyk) was used to teach that the claimed authentication process is well known in the art and one of ordinary would have modified Appeal 2011-009008 Application 11/042,901 9 Hind’s teaching to use such authentication process as presented in the Final Office Action. Ans. 9. We do not agree with Appellants’ contention Kadyk teaches away from the claimed invention. “A reference may be said to teach away when a person of ordinary skill, upon reading the reference, would be discouraged from following the path set out in the reference, or would be led in a direction divergent from the path that was taken by the applicant.” Ricoh Co., Ltd. v. Quanta Computer, Inc., 550 F.3d 1325, 1332 (Fed. Cir. 2008) (citations omitted). A reference does not teach away if it merely expresses a general preference for an alternative invention from amongst options available to the ordinarily skilled artisan, and the reference does not discredit or discourage investigation into the invention claimed. In re Fulton, 391 F.3d 1195, 1201 (Fed. Cir. 2004). One of ordinary skill in the art would have understood Kadyk’s authentication process to be an alternative to Hind’s teaching of a secure connection between the mobile device (endpoint) and the server (proxy module) before the server obtains a digital certificate for the mobile device. See Hind col. 9, ll. 23-30. In the absence of persuasive evidence to the contrary, we fail to find that Kadyk teaches away from “establishing the secure connection or authentication by generating digitally signed information at the proxy function module, communicating the digitally signed information to the endpoint and authenticating the digitally signed information at the endpoint.” Ans. 8. In the Reply, Appellants argue “[t]he Examiner’s Answer does not respond to any of Appellants’ teach away arguments with any coherent rebuttal. . . . [and t]he Examiner’s argument is irrelevant [because] Appeal 2011-009008 Application 11/042,901 10 Appellants’ Appeal Brief presents reasons why Kadyk teaches away from the claimed invention, and the Examiner’s Answer effectively ignores those reasons.” Reply Br. 5 (emphasis omitted). We disagree with Appellants’ assertions in the Reply, and we are not persuaded by Appellants’ arguments cited above in either of the Appeal or Reply Briefs regarding the purported “teaching away” of Kadyk. Accordingly, Appellants have not provided sufficient evidence or argument to persuade us of any reversible error in the Examiner’s reading of the contested limitations on the cited prior art. Therefore, we sustain the Examiner’s obviousness rejection of independent claim 1. As Appellants have not provided separate, substantive arguments with respect to independent claims 6, 9, 16, 20, 23, 26, and 27 and dependent claims 3-5, 7, 12-15, 18, 19, 21, 24, and 28, all rejected on the same basis as claim 1, we similarly sustain the Examiner’s rejection of these claims under 35 U.S.C. § 103(a). Arguments not made are considered waived. See Hyatt v. Dudas, 551 F.3d 1307, 1314 (Fed. Cir. 2008) (“When the appellant fails to contest a ground of rejection to the Board, section 1.192(c)(7) [(now section 41.37(c)(1)(vii))] imposes no burden on the Board to consider the merits of that ground of rejection . . . . [T]he Board may treat any argument with respect to that ground of rejection as waived.”). 2. § 103 Rejection of Dependent Claim 29 Issue 2 Appellants argue (App. Br. 23-24; Reply Br. 6) the Examiner’s rejection of dependent claim 29 under 35 U.S.C. § 103(a) as being Appeal 2011-009008 Application 11/042,901 11 unpatentable over the combination of Hind and Kadyk is in error. These contentions present us with the following issue: Did the Examiner err in finding the cited prior art combination teaches or suggests the limitations of “generating a second request at the proxy function module at a predetermined time period relative to the expiration date of the digital certificate, the second request requesting that the endpoint seek a new digital certificate; and communicating the second request to the endpoint,” as recited in claim 29? Analysis Appellants contend Hind “[r]equir[es] a user of a device to periodically renew a device certificate by providing a validity period field in the certificate,” but does not teach or suggest the limitations in dispute. App. Br. 23 (citing Hind col. 12, ll. 11-18). In response to Appellants’ arguments in the Appeal Brief, the Examiner finds claim [29] is directed to renewal or updating of an expired digital certificate which was addressed . . . above. . . . [with respect to claim 1, and such a] request to update/renew an expired digital certificate [teaches] applicant’s “second request requesting that the endpoint seek a new digital certificate” and Hind discloses periodic renewal of expired or out-of-date certificates. Ans. 9 (citing Hind col. 12, ll. 4-18). In the Reply, Appellants allege “[t]he Examiner’s Answer effectively ignores the language of Claim 29 and[,] . . . . while Hind states that a user may be required to periodically renew a device certificate, Hind does not disclose, teach, or suggest any method for how to periodically renew a device certificate.” Reply Br. 6. Appeal 2011-009008 Application 11/042,901 12 We agree with the Examiner’s finding the claim is directed to renewal or updating of an expired digital certificate . . . [as] in the response to argument A [claim 1] above. This request to update/renew an expired digital certificate [teaches or suggests] . . . “second request requesting that the endpoint seek a new digital certificate” and Hind discloses periodic renewal of expired . . . certificates. Ans. 9 (citing Hind col. 12, ll. 4-18). We note Appellants’ arguments are not commensurate with the scope of claim 29, which does not recite the precise mechanism of “how” an expired certificate is periodically renewed. Instead, claim 29 merely recites a “second request” is generated “at the proxy function module at a predetermined time period relative to the expiration date of the digital certificate,” which requests “the endpoint seek a new digital certificate.” We note Hind teaches the most effective method of revocation and denial of access is to have the device certificate expire and require the user of the device to periodically renew the device certificate [and a] validity period field is provided in the certificate for this purpose . . . . FIG. 5 depicts this in further detail. Hind col. 12, ll. 13-18. As pointed out by the Examiner (Ans. 4), we find administrative server 1001 and/or first resource 5001 in Hind performs the recited certificate renewal function. See Hind col. 9, ll. 41-48; Fig. 1A, reference 1001; Fig. 5A, reference 5001. Accordingly, Appellants have not provided sufficient evidence or argument to persuade us of any reversible error in the Examiner’s reading of the contested limitations on the cited prior art. Therefore, we sustain the Examiner’s obviousness rejection of dependent claim 29. Appeal 2011-009008 Application 11/042,901 13 CONCLUSION The Examiner did not err with respect to the rejection of claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-29 under 35 U.S.C. § 103(a) over the combination of Hind and Kadyk, and we sustain the rejection. DECISION We affirm the Examiner’s decision rejecting claims 1, 3-7, 9, 12-16, 18-21, 23, 24, and 26-29. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv) (2011). AFFIRMED bab Copy with citationCopy as parenthetical citation
