Acknowledgements
This communication is in response to applicant’s response filed on 10/05/2020.
Claims 1-15 and 20 have been amended. 
Claims 1-20 are pending and have been examined in this application. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Regarding the applicant’s arguments:
Regarding applicant’s argument on Claim Rejections - 35 USC § 103, that the combination of Gehrmann (US 20170295491) in view of Poeluev (US 20130086385) does not teach a system and a method, respectively, for deploying a single bootstrapping certificate on a device that enables the device to be provisioned within multiple ecosystems, wherein the device is certified for deployment in both a first and second ecosystem, as in amended claim 1, examiner respectfully argues that applicant’s argument is moot in light of the new grounds of rejection necessitated by the claim amendments. Applicant makes similar arguments for claim 15 as for claim 1. Examiner respectfully argues applicant’s arguments are moot for the same reasons listed above for claim 1.
Applicant argues dependent claims 2-14 and 16-20 are patentable because of their dependency on claims 1 and 15. Examiner respectfully argues applicant’s 

Priority
This application is a continuation-in-part of US Patent Application No. 15/784,845 filed on 06/27/2016. Applicant’s claim for the benefit of this prior-filed application is acknowledged. Applicant’s claim for the benefit of prior-filed US Provisional Applications 62/408,567 filed on 10/14/2016 and 62/465,261 filed on 03/01/2017 is acknowledged.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. 
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: 
an ecosystem manager configured to create at least one PKI keypair, a root certificate, and a bootstrapping certificate in Claim 1; This element is being interpreted under 112(f) as ecosystem manager 402, which represents one or more of an organization/entity inside ecosystem 400, an external entity, or another collaborative group that assists in the support of security and certificate issuance for ecosystem 400. In the exemplary embodiment, ecosystem manager 402 includes a PKI infrastructure 410, a certificate database 412, and an authentication and validation server (AVS) 414. In at least one -14- 61045infrastructure 410 includes a root CA 416, one or more intermediate CAs 418, and one or more manufacturer CAs 420 (Paragraph [0044], lines 4-10). 

Claim Rejections - 35 USC § 102(a)(1)
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-4, 7-8, 13-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kocher (US 20140044265).

Regarding Claim 1, Kocher teaches a system for managing a public key infrastructure (PKI) for an electronic device configured for use within a first PKI ecosystem and a second PKI ecosystem different from the first PKI ecosystem (Paragraph 0029 teaches an exemplary system with one or more of each entity (i.e. multiple IC manufacturers supplying identical ICs, multiple product vendors providing products that utilize the same IC design, and multiple comprising: an ecosystem manager configured to create a root PKI keypair, a root certificate, and a bootstrapping certificate chained to the root certificate (Paragraphs 0031, 0034, 0053, 0065, 0070, and 0073 teach the root authority (i.e., ecosystem manager) is an entity that manages SM programming capabilities, and can assign subsets of capabilities to one or more delegate-authority systems associated with one or more delegate authorities; the root-authority system generates commands to lock, unlock, or configure Features associated with the SM-enabled ICs (i.e., generates root-signed blocks (RSBs) which comprise the root certificate); this generation process may involve the root authority system generating a key pair for a public key cryptosystem, where the public key is exported as a hardware configuration key and the private key is retained in the root authority system; the root authority may grant permissions to a delegate authority, wherein the delegate authority is given a subset of the root-authority system's SM programming capabilities; permissions are conveyed via control over what signed messages (e.g., signed blocks) are provided by authority systems, regulation of the signing key(s) used by the authority systems, regulation of the specific types of payloads that may be signed by one of the authority systems, regulation of the communications channel/destinations and the types of messages that may be conveyed to the SM-core, or some combination thereof (i.e., the root authority gives the delegate authority permission to generates delegate-signed blocks (DSBs) which comprise the bootstrapping certificate)); a device manufacturer configured to integrate into the electronic device at least one silicon component, wherein the device manufacturer is further configured to integrate into the at least one silicon component a public key of the root PKI keypair and the bootstrapping certificate (Paragraphs 0036-0039, 0055, and 0058 teach the IC manufacturer manufactures SoC that include an SM core comprising one or more security keys, a device ID, initial Feature configuration settings, or some combination thereof; to do this, IC manufacturer is equipped to provide a first stage of customization; a product vendor (i.e., the product vendor may be a delegate-authority system may be allowed certain capabilities by the root-authority system) may add additional customization to meet the requirements for different product vendors; during this stage of customization, the feature state of the SM core may be updated to customize the SM-enabled IC to each product vendor's needs); and an ecosystem approved test lab (ATL) configured to (i) test the electronic device having the integrated silicon component and the public key (Paragraph 0050 teaches the root authority may securely allow other entities in system to enable or partially enable one or more Features of a SM-enabled IC or SM-enabled device for testing; for example, the root authority may enable a Feature in the SM-enabled IC for a set period of time or for a number of power-ups (e.g., such that the Feature is only enabled until the next time the SM-enabled IC is powered up or reset); note that the two stages of customization can, for example, be performed respectively at wafer-level test and package-level test of the IC), (ii) confirm that the bootstrapping certificate complies with first predetermined standards of the first ecosystem and with second predetermined standards of the second ecosystem (Paragraph 0054 teaches a SM-enabled IC is manufactured and tested based on the SM-enabled IC design; each SM-enabled IC may have one or more SM cores, where each SM core may control one or more Features (i.e., comprises first and second ecosystems); testing  and (iii) certifying the electronic device as ready for provisioning in the first and second ecosystems (Paragraph 0104 teaches the SM-enabled device may include tester I/F configured to provide a communication path to SM core when SM core is in a manufacturing state; a tester system may be coupled to system such that it is able to test system for correct operation; for example, the tester system can be configured to ensure that system is properly enabling Features, disabling Features, programming secure memory, etc.; the tester system may include one or more processors and a memory, and may communicate with (or include) a delegate authority system for authorizing operations in SM core), wherein the ecosystem manager is further configured to, in response to a provisioning request from the electronic device, (i) issue a first ecosystem certificate to the electronic device for deployment of the electronic device in the first ecosystem (Paragraph 0061 teaches in-field management can include a request being received to update the feature state of an SM-enabled device; such requests may be initiated, for example, by end user or the device itself sending the request to the root authority or an appropriately authorized delegate authority; in-field management then involves transmission of one or more authorizations and/or secure keys to an SM-enabled device, via the root/delegate-authority system in communication with the SM-enabled device; upon receipt of the response, software in the SM-enabled device provides portions of the response (including cryptographic and (ii) withhold issuance of a second ecosystem certificate for deployment of the electronic device in the second ecosystem (Paragraph 0045 teaches billing and reporting service tracks fees associated with enabling or disabling Features associated with the SM-enabled IC(s) or delivering a key to the SM-enabled IC(s); based on the collected records, billing and reporting service helps the root authority or delegate authority enact a policy that payment is received prior to enabling or configuring a Feature on the SM-enabled IC (i.e., if the payment has not been received the root/delegate authority withholds issuance of certificate)).

Regarding Claim 2, Kocher teaches all the limitations of claim 1 above; and Kocher further teaches wherein the at least one silicon component comprises one or more of a system on a chip (SoC), an electronic chip, and a silicon wafer (Paragraph 0036 teaches the IC manufacturer manufactures ICs that are configured for specific applications after manufacture, wherein the IC may be a systems on a chip (“SOC”)).

Regarding Claim 3, Kocher teaches all the limitations of claim 1 above; and Kocher further teaches wherein the ecosystem manager comprises a PKI infrastructure including a root certificate authority (CA), at least one intermediate CA, and a bootstrapping CA (Paragraphs 0044 and 0067 teach as a root authority may authorize one or more other entities to be delegate 

Regarding Claim 4, Kocher teaches all the limitations of claim 3 above; and Kocher further teaches wherein the root CA is configured to generate the root PKI keypair for installation on, or encoding within, the silicon component (Paragraph 0053 teaches the generation process may involve the root authority system generating a key pair for a public key cryptosystem, where the public key is exported as a hardware configuration key and the private key is retained in the root authority system).

Regarding Claim 7, Kocher teaches all the limitations of claim 3 above; and Kocher further teaches wherein the ecosystem manager further comprises a certificate database and an authentication and validation server (AVS) (Paragraph 0180 teaches auditing can be performed using device specific keys; a database of keys may be made available to the auditor (for example, by a root authority, an IC manufacturer, a product vendor, a security service, etc.) to facilitate verification of the audit response (as well as possibly creation of audit requests)).

Regarding Claim 8, Kocher teaches all the limitations of claim 7 above; and Kocher further teaches wherein the AVS is configured to receive the provisioning request from the electronic device (Paragraph 0125 teaches the SM core in an SM-enabled IC receives commands from a root-authority system; the root-authority system receives one or more SM commands from the SM-enabled device, e.g. from a signing request (i.e., provisioning request) or an input file).

Regarding Claim 13, Kocher teaches all the limitations of claim 1 above; and Kocher further teaches further comprising a semiconductor manufacturer configured to create the at least one silicon component (Paragraphs 0029-0030 teach the IC fabrication may involve different companies (i.e., semiconductor manufacturers) and/or stages to manufacture wafers; the IC provider provides chip designs for configurable ICs, such that some aspects of the chip may be configured after manufacture; an IC including an SM core is referred to as a SM-enabled IC).

Regarding Claim 14, Kocher teaches all the limitations of claim 13 above; and Kocher further teaches wherein the device manufacturer comprises the semiconductor manufacturer (Paragraphs 0036 and 0029 teaches the IC manufacturer (i.e., may be same entity as IC provider) is an entity that manufactures ICs (e.g., systems on a chip (“SOC”)) that include an SM core; the IC manufacturer may embed one or more security keys, a device ID, initial Feature configuration settings, or some combination thereof, into the SM core as part of its manufacturing process, testing process, or both).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 5-6 and 15-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kocher (US 20140044265) in view of Resch (US 20130117560).

Regarding Claim 5, Kocher teaches all the limitations of claim 4 above; however Kocher does not explicitly teach wherein the root CA is further configured to generate the root certificate.
Resch from same or similar field of endeavor teaches wherein the root CA is further configured to generate the root certificate (Paragraph 0084 teaches the root certificate authority generates a root certificate).

There is motivation to combine Resch into Kocher because the Root Authority can verify a provisioning request to enable certain features on the SM-enabled devices using the certificate by verifying the public key associated with the provisioning request. 

Regarding Claim 6, the combination of Kocher and Resch teaches all the limitations of claim 5 above; and Kocher further teaches wherein the at least one intermediate CA is configured to chain to the root CA and publish the root certificate such that the bootstrapping CA may chain to the at least one intermediate CA (Paragraphs 0130, 0134, and 0138 teach the root-authority system may receive and sign command templates that designate the form, or content, or both of DSBs; the delegate-authority system can verify the signature of the root-authority system as a way to ensure that it will only sign DSBs of the intended form; an RSB may require that the DSB signature include a certain amount of “binding data” (i.e., chaining data) of a form specified by the RSB; because the binding data is incorporated in the signature by the delegate authority system, the RSB may also specify as binding data and parameters that the root authority wishes to ensure are accurately logged; in an exemplary method of generating a DSB, the delegate authority input parameters may be digitally signed 

Regarding Claim 15, Kocher teaches a method for issuing a bootstrapping certificate for an electronic device in a first ecosystem in which the electronic device may be deployed and a different second ecosystem in which the electronic device may be deployed (Paragraph 0052 teaches FIG. 1B, which shows an exemplary lifecycle for a SM-enabled device within an ecosystem (e.g., system)), the method comprising the steps of: generating a root public key infrastructure (PKI) keypair, wherein the PKI keypair includes a public key and a private key (Paragraph 0053 teaches the generation process may involve the root authority system generating a key pair for a public key cryptosystem, where the public key is exported as a hardware configuration key and the private key is retained in the root authority system); chaining at least one bootstrapping certificate to the root certificate (Paragraphs 0130, 0134, and 0138 teach the root-authority system may receive and sign command templates that designate the form, or content, or both of DSBs; the delegate-authority system can verify the signature of the root-authority system as a way to ensure that it will only sign DSBs of the intended form; an RSB may require that the DSB signature include a certain amount of “binding data” (i.e., chaining data) of a form specified by the RSB; because the binding data is incorporated in the signature by the delegate authority system, the RSB may also specify as binding data and parameters that the root authority wishes to ensure are accurately logged; in an exemplary method of generating a DSB, the delegate authority input inserting the bootstrapping certificate and the public key into a silicon component (Paragraphs 0039 and 0137 teach a product vendor (i.e., product vendor is a delegate authority such that it is able to make certain specific configuration changes to SM-enabled ICs) may add additional customization of the SM-enabled ICs (i.e., bootstrapping certificate); the delegate input parameters may be digitally signed by the delegate-authority system (using the private key that corresponds to the delegate-authority public key contained in the RSB) to create the DSB; the DSB is provided to, for example, an SM-enabled IC (either directly or various intermediaries) and processed by the SM core); integrating the silicon component into the electronic device (Paragraph 0059 teaches the SM-enabled IC is incorporated into a device to create a SM-enabled device during a product manufacturing process); testing the electronic device to certify that the inserted bootstrapping certificate is valid (Paragraph 0050 teaches the root authority may securely allow other entities in system to enable or partially enable one or more Features of a SM-enabled IC or SM-enabled device for testing; for example, the root authority may enable a Feature in the SM-enabled IC for a set period of time or for a number of power-ups (e.g., such that the Feature is only enabled until the next time the SM-enabled IC is powered up or reset); note that the two stages of customization can, for example, be performed respectively at wafer-level test and package-level test of the IC); and provisioning the electronic device having a certified bootstrapping certificate for deployment in the first ecosystem and in the second ecosystem, wherein the step of provisioning includes (i) a first request for issuance of a first ecosystem certificate for deployment within the first ecosystem, and (ii) a second request for issuance of a second ecosystem certificate for deployment within the second ecosystem (Paragraphs 0060-0061 teaches the SM-enabled device is distributed to another product vendor, a reseller, or an end user for in-field management; in-field management can include a request being received to update the feature state of an SM-enabled device (i.e., updating the feature state involves updating one or more features such as the first and second ecosystems); such requests may be initiated, for example, by end user or the device itself sending the request to the root authority or an appropriately authorized delegate authority); issuing, in response to the first request, a first ecosystem certificate based on the certified bootstrapping certificate (Paragraph 0061 teaches in-field management then involves transmission of one or more authorizations and/or secure keys to an SM-enabled device, via the root/delegate-authority system in communication with the SM-enabled device); and denying, in response to the second request, issuance of the second ecosystem certificate (Paragraph 0045 teaches billing and reporting service tracks fees associated with enabling or disabling Features associated with the SM-enabled IC(s) or delivering a key to the SM-enabled IC(s); based on the collected records, billing and reporting service helps the root authority or delegate authority enact a policy that payment is received prior to enabling or configuring a Feature on the SM-enabled IC (i.e., if the payment has not been received the root/delegate authority withholds issuance of certificate)).
However Kocher does not explicitly teach generating a root certificate.
generating a root certificate (Paragraph 0084 teaches the root certificate authority generates a root certificate).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the base invention in Kocher which teaches generating a PKI keypair to incorporate the teachings of Resch for the root CA to be further configured to generate the root certificate to record and keep track of the generated PKI keypair.
There is motivation to combine Resch into Kocher because the Root Authority can verify a provisioning request to enable certain features on the SM-enabled devices using the certificate by verifying the public key associated with the provisioning request.

Regarding Claim 16, the combination of Kocher and Resch teach all the limitations of claim 15 above; and Kocher further teaches wherein the step of inserting comprises inserting the private key into a protected area of the silicon component (Paragraph 0095 teaches the SM-enabled device includes secure memory; depending on the technology and security features present, contents of secure memory may be encrypted and/or authenticated, may be protected from reads by blocks other than SM core, may be configured to be one-time-programmable; also, secure memory may be isolated such that only SM core is connected to secure memory, or such that other components of the SM-enabled IC may read from secure memory but only SM core may write to secure memory).

Regarding Claim 17, the combination of Kocher and Resch teach all the limitations of claim 16 above; and Kocher further teaches wherein the protected area comprises a trusted platform module of an electronic chip (Paragraph 0095 teaches the secure memory may be isolated such that only SM core is connected to secure memory, or such that other components of the SM-enabled IC may read from secure memory but only SM core may write to secure memory; additionally, secure memory is designed to resist efforts to learn its contents by, for example, removing certain layers from the IC, capturing micrographs of the IC, or electrically probing the IC during operation).

Regarding Claim 18, the combination of Kocher and Resch teach all the limitations of claim 15 above; and Kocher further teaches further comprising, after the step of inserting, the step of notifying an ecosystem manager of the successful insertion of the bootstrapping certificate (Paragraph 0208-0209 teach the delegate-authority system transfers a DSB containing the appropriate memory write commands to a device tester; the device tester transfers the DSB (with its accompanying RSB) to the SM-enabled ICs, where it is received, verified, and (if valid) executed by the SM core to program the memory; the delegate-authority system may update an audit log with information indicating that the one or more SM-enabled ICs were successfully personalized, and these audit logs may then be transferred to a security service (i.e., ecosystem manager)).

Regarding Claim 20, the combination of Kocher and Resch teach all the limitations of claim 15 above; and Kocher further teaches wherein the electronic device is an Internet of things (IoT) device (Paragraph 0077 teaches SM-enabled devices can be, for example, smartphones, tablets, netbooks, desktop computers, set top boxes, mobile devices, laptop computers, digital video recorders, pay TV set top boxes, automobiles, manufacturing equipment, digital and video cameras, batteries, devices that authenticate peripherals, video game user interfaces and other user interfaces, etc.), and wherein the IoT device includes at least one application programming interface capable of triggering the step of provisioning (Paragraph 0086 and 0100 teach configuration value interface is a communication path configured to pass Feature data associated with Feature management operations; for example, if one or more Features are being configured or enabled, extractor passes the feature data to the appropriate sub-extractor via configuration value interface; the configuration value interface couple the SM core to the extractor and sub-extractors to transmit data from SM core to an particular Feature by, for example, continuously sending data values, sending data when a change-of-value event occurs (e.g., enable Feature) or a request is received).

Claims 9-12 are rejected under 35 U.S.C. 103 as being unpatentable over Kocher (US 20140044265) in further view of Sovio (US 20180375667).

Regarding Claim 9, Kocher teaches all the limitations of claim 8 above; however Kocher does not explicitly teach wherein the provisioning request includes one or more of the bootstrapping certificate, an identification of the ecosystem, the public key, proof of a private key of the at least one PKI keypair, and an indicator for a mechanism supported by the ecosystem for certificate issuance.
Sovio from same or similar field of endeavor teaches wherein the provisioning request includes one or more of the bootstrapping certificate, an identification of the ecosystem, the public key, proof of a private key of the at least one PKI keypair, and an indicator for a mechanism supported by the ecosystem for certificate issuance (Paragraphs 0053-0054 teach generation of a device certificate requires deriving a public private key pair; the key pair is recovered or derived within a server, which in this example is a secure environment; the server can be a manufacturing server or other manufacture, repair, or provisioning environment; recovering of the key pair is based on applying a deterministic function to the publicly available device identifier and diversifier value along with the confidential shared secret value; the derived key pair is then used to create a CSR; the diversifier value is included in the CSR along with the public key from the key pair and device identifier; the CSR is signed with the private key derived with the key pair; the CSR is then sent to a CA for generation and signing of a device certificate).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kocher to incorporate the teachings of Sovio for the provisioning request to include one or more of the bootstrapping certificate, an identification of the ecosystem, the public 
There is motivation to combine Sovio into Kocher because deploying a PKI capable of issuing certificates to all devices requires multiple CAs distributed around the globe and can be a very complex and expensive task. The base invention is improved because the issuing and distributing of device certificates is not constrained to manufacturing and repair facilities and is therefore efficient and low-cost (Sovio Paragraph 0005).

Regarding Claim 10, the combination of Kocher and Sovio teaches all the limitations of claim 9 above; however the combination does not explicitly teach wherein the proof of the private key includes one or more of a digital signature and a decryption of an encrypted message.
Sovio further teaches wherein the proof of the private key includes one or more of a digital signature and a decryption of an encrypted message (Paragraph 0056 teaches to obtain a signed device certificate, a CSR corresponding to the SEE needs to be created and signed with the private key of the SEE).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Kocher and Sovio to incorporate the further teachings of Sovio for the proof of the private key to include one or more of a digital signature and a decryption of an encrypted message.
There is motivation to further combine Sovio into the combination of Kocher and Sovio because of the same reasons listed above for claim 9.

Regarding Claim 11, the combination of Kocher and Sovio teaches all the limitations of claim 9 above; however the combination does not explicitly teach wherein the indicator for the mechanism includes one or more of a secure software download, a certificate signing request, and an encrypted package deployment.
Sovio further teaches wherein the indicator for the mechanism includes one or more of a secure software download, a certificate signing request, and an encrypted package deployment (Paragraph 0054 teaches the derived key pair is then used to create a CSR; the diversifier value is included in the CSR along with the public key from the key pair and device identifier; the CSR is signed with the private key derived with the key pair; the CSR is then sent to a CA for generation and signing of a device certificate).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Kocher and Sovio to incorporate the further teachings of Sovio for the proof of the private key to include one or more of a digital signature and a decryption of an encrypted message.
There is motivation to further combine Sovio into the combination of Gehrmann, Poeluev, and Sovio because of the same reasons listed above for claim 9.

Regarding Claim 12, the combination of Kocher and Sovio teaches all the limitations of claim 9 above; and Kocher further teaches wherein the AVS is further configured to validate one or more of (i) the bootstrapping certificate was issued, (ii) the bootstrapping certificate is presently valid, (iii) the bootstrapping certificate has not been revoked, (iv) the bootstrapping certificate is trusted for the ecosystem, (v) the ecosystem is presently allowing bootstrapping certificate issuance, (vi) predetermined financial-23- PATENT61045 obligations have been met to allow for ecosystem certificate issuance, and (vii) the mechanism is presently supported (Paragraph 0045 teaches the billing and reporting service tracks fees associated with various transaction types by various entities in the ecosystem; for example, an entity may be required to pay to enable or disable Features associated with the SM-enabled IC(s) or deliver a key to the SM-enabled IC(s); the billing and reporting service collects information about the number of transactions performed by delegates, for example by receiving electronic transaction or audit records from delegate-authority systems; based on the collected records, billing and reporting service may aggregate billing amounts across multiple chip types and transaction types (e.g., kinds of features enabled), and ultimately calculate the amounts owed by entities that enable features or perform other transactions; in some embodiments, the root authority or delegate authority may impose a policy that payment is received prior to enabling or configuring a Feature on the SM-enabled IC).

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Kocher (US 20140044265) in view of Resch (US 20130117560) in further view of Gehrmann (US 20170295491).

Regarding Claim 19, the combination of Kocher and Resch teaches all the limitations of claim 18 above; however the combination does not explicitly teach wherein the step of notifying is performed over an encrypted channel based on the private key. 
Gehrmann from same or similar field of endeavor teaches wherein the step of notifying is performed over an encrypted channel based on the private key (Paragraphs 0040, 0053, and 0057 teach a secure connection may be established by the M2M unit and the application server; an ordinary mutual authentication with the M2M service node maybe performed using the preliminary credentials (e.g., in form of a preliminary root key) shared between the M2M unit/device and the MAS; using the mutual authenticated and protected channel established, the M2M node may bootstrap the M2M unit/device with additional security bootstrapping material such as private public key pairs and the trusted public key of the MSBF; the factory bootstrap may imply and/or may provide that credential information may be configured in the device at manufacture; the protection method the standard may provide may use the 3GPP GBA framework for protecting the bootstrap communication channel; the OMA bootstrap information may allow or enable the OMA client to securely connect to a provisioning server over a secure channel such as TLS).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Kocher and Resch to incorporate the teachings of Gehrmann for the step of notifying to be performed over an encrypted channel based on the private key.
.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137.  The examiner can normally be reached on 7:30 am - 5:00 pm CST (M-F).

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/C.P.J./Examiner, Art Unit 3685

/JAY HUANG/Primary Examiner, Art Unit 3685