From Casetext: Smarter Legal Research

Virnetx Inc. v. Cisco Sys., Inc.

United States Court of Appeals for the Federal Circuit
Jun 28, 2019
2018-1751 (Fed. Cir. Jun. 28, 2019)

Opinion

2018-1751

06-28-2019

VIRNETX INC., Appellant v. CISCO SYSTEMS, INC., Appellee

STEPHEN BLAKE KINNAIRD, Paul Hastings LLP, Washington, DC, argued for appellant. Also represented by NAVEEN MODI, JOSEPH PALYS, IGOR VICTOR TIMOFEYEV, MICHAEL WOLFE, DANIEL ZEILBERGER. THEODORE M. FOSTER, Haynes & Boone, LLP, Dallas, TX, argued for appellee. Also represented by DAVID L. MCCOMBS, ANDREW S. EHMKE, DEBRA JANECE MCCOMAS.


NOTE: This disposition is nonprecedential. Appeal from the United States Patent and Trademark Office, Patent Trial and Appeal Board in No. 95/001,851. STEPHEN BLAKE KINNAIRD, Paul Hastings LLP, Washington, DC, argued for appellant. Also represented by NAVEEN MODI, JOSEPH PALYS, IGOR VICTOR TIMOFEYEV, MICHAEL WOLFE, DANIEL ZEILBERGER. THEODORE M. FOSTER, Haynes & Boone, LLP, Dallas, TX, argued for appellee. Also represented by DAVID L. MCCOMBS, ANDREW S. EHMKE, DEBRA JANECE MCCOMAS. Before CHEN, BRYSON, and HUGHES, Circuit Judges. HUGHES, Circuit Judge.

This is a patent case involving domain name service systems. VirnetX Inc. appeals a decision of the Patent Trial and Appeal Board in an inter partes reexamination of U.S. Patent No. 7,418,504 B2, owned by VirnetX. See Cisco Sys. Inc. v. VirnetX Inc., No. 95/001,851 (P.T.A.B. Sept. 12, 2016). The Board affirmed the Examiner's rejection of claims 1-35 and 60 as either anticipated or obvious. Because the Board failed to address VirnetX's arguments and failed to make necessary factual findings for the rejection of claims 5, 12, and 13, we vacate the Board's decision on those claims and remand for further proceedings. Because we find no reversible error in the Board's rejections of claims 1-4, 6-11, 14-35, and 60, we affirm.

I

A.

The '504 patent, entitled "Agile Network Protocol for Secure Communications Using Secure Domain Names," is directed to a domain name service (DNS) system that facilitates secure communications over the internet. Communications over the internet typically employ the Transmission Control Protocol/Internet Protocol, under which each computer connected to the internet is assigned a unique Internet Protocol (IP) address (e.g., 123.34.567.89). Because IP addresses are difficult for users to remember, they are commonly associated with a user-friendly domain name (e.g., pbs.org). A DNS server links IP addresses with their associated domain names. For example, when a user types a domain name into her web browser, the browser transmits a domain name request to the DNS server. The DNS server then converts the domain name into its corresponding IP address and returns the IP address to the user's browser. Finally, the browser uses the IP address to establish contact with the destination web site.

The '504 patent addresses security vulnerabilities of prior art internet communications. For example, it explains that "nefarious listeners on the Internet could intercept the DNS [request] and DNS [response] packets and thus learn what IP addresses the user was contacting." '504 patent col. 39 ll. 24-27. The '504 patent addresses this by providing a

specialized DNS server [that] traps DNS requests and, if the request is from a special type of user (e.g., one for which secure communication services are defined), the server does not return the true IP address of the target, but instead automatically sets up a virtual private network between the target node and the user.
Id. col. 39 ll. 46-51.

Independent claim 1 of the '504 patent, reproduced below, is representative of the rejected claims.

1. A system for providing a domain name service for establishing a secure communication link, the system comprising:

a domain name service system configured to be connected to a communication network, to store a plurality of domain names and corresponding network addresses, to receive a query for a network address, and to comprise an indication that the domain name service system supports establishing a secure communication link.
Id. col. 55 ll. 49-56 (emphasis added).

Claims 5, 12, and 13 depend from claim 1. Claim 5 requires that "the domain name service system is configured to authenticate the query using a cryptographic technique." Id. col. 55 ll. 65-67 (emphasis added). Claim 12 requires that "the virtual private network is based on comparing a value in each data packet transmitted between a first device and a second device to a moving window of valid values." Id. col. 56 ll. 19-22. Claim 13 requires that "the virtual private network is based on a comparison of a discriminator field in a header of each data packet to a table of valid discriminator fields maintained for a first device." Id. col. 56 ll. 23-26.

B.

Cisco Systems, Inc. requested inter partes reexamination of claims 1-60 of the '504 patent on multiple grounds of invalidity. The patent office granted Cisco's request in March 2012 and issued a non-final office action, rejecting all claims.

During reexamination, the parties were engaged in infringement litigation involving the '504 patent in the Eastern District of Texas. In March 2013, the district court entered final judgment upholding the validity of claims 36, 47, and 51 of the '504 patent. VirnetX Inc. v. Cisco Sys. Inc., No. 6:10-cv-417 (E.D. Tex. Mar. 19, 2013). After Cisco failed to appeal that judgment, VirnetX filed a petition to terminate the reexamination "at least regarding claims 36, 47, and 51" under 35 U.S.C. § 317(b). J.A. 1479. The patent office granted VirnetX's petition and terminated reexamination as to claim 36 and its dependent claims 37-59. Reexamination proceeded on claims 1-35 and 60.

The Examiner issued a Right of Appeal Notice in February 2015 and found claim 11 patentable but all other claims unpatentable as either anticipated or obvious. VirnetX appealed the Examiner's rejections to the Board, and Cisco filed a cross appeal on claim 11. The Board affirmed the Examiner's rejection of claims 1-10, 12-35, and 60 in September 2016. The Board reversed the Examiner's decision on claim 11 and entered a new ground of rejection on that claim.

The Board found claims 1 and 24 anticipated under 35 U.S.C. § 102(b) by prior art references Lendenmann and Aziz and dependent claims 5 and 23 anticipated by Lendenmann. The Board found dependent claims 12 and 13 obvious under 35 U.S.C. § 103 over the combination of Lendenmann, Gazpoz, and RFC 793. Finally, the Board noted that VirnetX failed to present additional arguments in support of any of the remaining claims, so it affirmed the rejections of claims 2-4, 6-10, 14-22, 25-35, and 60.

Rolf Lendenmann, IBM Int'l Technical Support Org., Understanding OSF DCE 1.1 for AIX and OS/2 1-245 (1995).

U.S. Patent No. 6,119,234.

Jean-Paul Gazpoz, VPN on DCE: From Reference Configuration to Implementation, IS&N '95: 3d Int'l Conf. on Intelligence in Broadband Servs. and Networks 250-60 ("Gazpoz").

DARPA Internet Program Protocol Specification, Transmission Control Protocol, 793 (1981).

VirnetX requested to reopen prosecution for claim 11 under 37 C.F.R. § 41.77(a) following the Board's new ground of rejection. The Board granted VirnetX's request and remanded to the Examiner. On remand, the Examiner agreed with the Board that claim 11 was unpatentable. VirnetX appealed the rejection, and the Board affirmed. VirnetX then requested rehearing, arguing that the Board's 2016 decision "inconsistently indicated whether it adopted the Examiner's rejections" of claims 24 and 26. J.A. 2662. In response, the Board issued an erratum amending its 2016 decision to clarify that it affirmed the Examiner's rejections of claims 24 and 26, and it denied VirnetX's rehearing request.

VirnetX now appeals. We have jurisdiction under 28 U.S.C. § 1295 (a)(4)(A).

II

A.

VirnetX argues that the Board erred in finding that either Lendenmann or Aziz anticipates claims 1 and 24 of the '504 patent. According to VirnetX, neither Lendenmann nor Aziz discloses an "indication that the domain name service system supports establishing a secure communication link" as required by the claims. '504 patent col. 55 ll. 55-56, col. 57 ll. 5-7. VirnetX also argues that the Board failed to conduct a proper claim construction analysis for the "indication" limitation and introduced new arguments for the first time in its 2016 decision.

We have considered VirnetX's arguments, and we find no reversible error in the Board's analysis and rejections of claims 1 and 24. Accordingly, we affirm the Board's decision on claims 1-4, 6-11, 14-35, and 60.

B.

VirnetX also argues that the Board erred in its rejections of claims 5, 12, and 13 because it failed to address VirnetX's argument regarding Lendenmann's Remote Procedure Call (RPC) mode of communication. We agree.

VirnetX's opening brief initially claims that this issue affects the Board's rejection of claims 5, 11, and 12. Appellant's Br. at 42. The remainder of VirnetX's briefing, however, addresses the Board's rejections of claims 5, 12, and 13. See id. at 42-44; Reply Br. at 20-23. This is consistent with the Board's treatment of the claims in its decision, which considered the patentability of claims 12 and 13 together. See J.A. 29-30. Thus, we understand VirnetX's challenge on appeal to relate solely to claims 5, 12, and 13, notwithstanding the apparently erroneous statement in its opening brief.

Claim 5 requires that the DNS system is "configured to authenticate the query using a cryptographic technique." '504 patent col. 55. ll. 66-67 (emphasis added). The Examiner found that Lendenmann teaches that limitation because "a query from a client to a directory service (CDS) server is made by a RPC," and "RPC calls rely upon well known authentication algorithms." J.A. 2242. On appeal to the Board, VirnetX argued that Lendenmann's "CDS does not use the remote procedure calls to communicate with clients." J.A. 2342. And it repeated this argument in support of the patentability of claim 5 specifically.

The parties agree that Lendenmann's Cell Directory Service (CDS) server performs the functions of a DNS server.

The Board failed to meaningfully address VirnetX's argument. It merely noted that claim 5 does not "recite[] that the domain name service system is configured to . . . 'use the RPC [Remote Procedure Call] mode of communication.'" J.A. 28. Although true, that observation does not speak to VirnetX's argument.

Claim 5 does not require the use of RPC; it requires "authentic[ation of] the query using a cryptographic technique." '504 patent col. 55 ll. 66-67. The Examiner's rejection of that claim was premised on: (1) the finding that Lendenmann's RPC is a cryptographic technique because it uses "well known authentication algorithms;" and (2) the finding that "a query from a client to a directory service (CDS) server is made by a RPC." J.A. 2242. Both of those findings are necessary to support the Examiner's rejection. Thus, if Lendenmann does not use RPC when sending a query to the DNS server, the Examiner's rejection of claim 5 must fail. But even though VirnetX contested this point, the Board did not address whether Lendenmann uses RPC in this manner.

The issue above applies equally to the Board's treatment of claims 12 and 13. Like claim 5, the Examiner's rejection of those claims is premised on finding that Lendenmann uses RPC to communicate with its DNS server. See J.A. 2244 ("The Examiner agrees with the third party requester that CDS uses the PRC [sic] model of communications and RPC operate over TCP, where RFC 793 teaches that TCP verifies that received data falls within a moving window of accepted sequence number as is notoriously well known in the art of TCP communications."). Again, VirnetX challenged this finding before the Board, but the Board failed to even mention RPC in its discussion of claims 12 and 13.

Cisco does not contest VirnetX's claim that the Board did not sufficiently address its argument on RPC. Instead, Cisco argues that we should affirm because the Examiner explicitly made the finding on RPC, and the Board generally affirmed the Examiner's rejection. We disagree.

"We review Board decisions using the standard set forth in the Administrative Procedure Act (APA)." Novartis AG v. Torrent Pharms. Ltd., 853 F.3d 1316, 1323 (Fed. Cir. 2017). Under the APA, "the Board is required to set forth in its opinions specific findings of fact and conclusions of law adequate to form a basis for our review." Gechter v. Davidson, 116 F.3d 1454, 1460 (Fed. Cir. 1997). The Board may adopt and incorporate the Examiner's findings from a Right of Appeal Notice. Icon Health & Fitness, Inc. v. Strava, Inc., 849 F.3d 1034, 1043 (Fed. Cir. 2017). But "[t]o incorporate material by reference, the host document must identify with detailed particularity what specific material it incorporates and clearly indicate where that material is found in the various documents." Advanced Display Sys., Inc. v. Kent State Univ., 212 F.3d 1272, 1282 (Fed. Cir. 2000).

Here, the Board failed to make a factual finding that Lendenmann uses RPC to communicate with the CDS server, and the Board failed to effectively incorporate the Examiner's finding. Nowhere in the Board's decision does it "identify with detailed particularity" the Examiner's finding on RPC, nor does it "indicate where that material is found" in the Examiner's Right of Appeal Notice. Id. The Board's broad statement that "[t]he Examiner did not err in rejecting claims 1-3, 5-10, 12-35, and 60," J.A. 30, is insufficient to incorporate the Examiner's factual findings by reference, cf. Icon Health, 849 F.3d at 1043 (holding that the Board incorporated the Examiner's findings by reference because it particularly identified the Right of Appeal Notice and the specific page ranges where the incorporated material could be found).

Cisco's reliance on 37 C.F.R. § 41.77(a) and In re Nielson, 816 F.2d 1567 (Fed. Cir. 1987), is misplaced. Section 41.77(a) provides that "[t]he affirmance of the rejection of a claim on any of the grounds specified constitutes a general affirmance of the decision of the examiner on that claim, except as to any ground specifically reversed." This court relied on that regulation in In re Nielson to reach the merits of a ground for rejection not addressed by the Board because the Board affirmed "for generally the reasons set forth in the examiner's answer." See 816 F.2d at 1571. Neither Nielson nor § 41.77(a) speak to the situation here, where the Board specifically addressed the grounds of rejection for claims 5, 12, and 13 but failed to make or incorporate the necessary factual findings to support affirmance of the rejection. Section 41.77(a) and Nielson do not absolve the Board of its duty to "set forth in its opinions specific findings of fact and conclusions of law adequate to form a basis for our review." Gechter, 116 F.3d at 1460. Furthermore, it appears the Board did not even understand the Examiner's rejection it was affirming. Instead of substantively addressing the Examiner's factual finding that Lendenmann's disclosure of RPC taught the features of dependent claims 5, 12, and 13, the Board appeared to dismiss this analysis as unnecessary by responding that the claim did not require RPC. --------

Accordingly, we vacate the Board's decision on claims 5, 12, and 13. On remand, the Board should consider whether the system described in Lendenmann uses the RPC mode of communication for communications between a user and the CDS.

III

We find no reversible error in the Board's analysis and rejection of claims 1 and 24 of the '504 patent. Accordingly, we affirm the Board's decision on claims 1 and 24, and we affirm the Board's decision on claims 2-4, 6-11, 14-23, 25-35, and 60 because VirnetX failed to present separate arguments for the patentability of those claims. Because the Board failed to address VirnetX's arguments and make necessary factual findings for the rejection of claims 5, 12, and 13, however, we vacate the Board's decision on those claims. On remand, the Board should consider whether the Lendenmann reference discloses the use of its RPC mode of communication for communications between a user and the CDS as found by the Examiner.

AFFIRMED IN PART, VACATED IN PART, AND

REMANDED

No costs.


Summaries of

Virnetx Inc. v. Cisco Sys., Inc.

United States Court of Appeals for the Federal Circuit
Jun 28, 2019
2018-1751 (Fed. Cir. Jun. 28, 2019)
Case details for

Virnetx Inc. v. Cisco Sys., Inc.

Case Details

Full title:VIRNETX INC., Appellant v. CISCO SYSTEMS, INC., Appellee

Court:United States Court of Appeals for the Federal Circuit

Date published: Jun 28, 2019

Citations

2018-1751 (Fed. Cir. Jun. 28, 2019)