DETAILED ACTION
The following is a non-final office action in response to applicants’ request for continued examination (RCE) filed on 02/22/2021.  Claims 5, 13, and 14 have been amended.  Claims 5-15 are currently pending and have been considered as follows.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicants’ submission filed on 02/22/2021 has been entered.
Response to Arguments
In view of applicants’ amendment to the claims, the Examiner withdraws the claim objections to Claims 5, 13, and 14.  The Examiner further withdraws the 35 U.S.C. §101 rejection of Claim 13.
Applicants’ arguments filed on 02/22/2021 with respect to the Andivahis reference have been fully considered, but they are not persuasive.  On pages 5-6 of the remarks, applicants argued that Andivahis teaches creating a symmetric key Ks and then encrypting and splitting it into Kse1 and Kse2, and thereby does not disclose “sending the entirety of the encryption key and the list of recipients to a privacy service entirety of the encryption key”.  
The Examiner respectfully disagrees.  Upon review of Andivahis, applicants’ arguments are based on Andivahis’ First Embodiment ([0024]-[0046]) and Third Embodiment ([0066]-[0081]) disclosures.  However, Andivahis’ Second Embodiment ([0047]-[0065]) clearly teaches “sending the entirety of the encryption key and the list of recipients to a privacy service component” (e.g. Andivahis sender sends the entire encrypted symmetric key Kse, instead of just a split-key fragment to the key server [0055]; sender sends designation of the intended recipients’ identifying information such as e-mail address of each recipient designated in the recipient data field [0051]) and “receiving from the privacy service component the entirety of the encryption key” (e.g. Andivahis key server retrieves the encrypted symmetric key Kse and sends it to the recipient in a response message [0063]).
In so much as the prior office action mailed 01/22/2020 cited portions of Andivahis’ First and Third Embodiments, the current ground(s) of rejection are based on Andivahis’ Second Embodiment and disclosures applicable to such embodiment. 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 5, 6, 13, and 14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Andivahis et al. (US 20030147536 A1, hereinafter Andivahis).
As to Amended Claim 5:
Andivahis discloses a method for electronic messaging (e.g. Andivahis “a system and method for secure communication of electronic messages and electronic data streams amongst a community of users” [0005]), the method comprising: 
generating, using a first messaging application running on a first user device (e.g. Andivahis client program [0020]; software programs called mail user agents MUAs) running on computers [0023]; [0113]-[0118]), an encryption key for encrypting messages (e.g. Andivahis sender generates a symmetric key Ks and encrypts it to produce Kse [0054]) and a list of recipients authorized to view messages encrypted with the encryption key (e.g. Andivahis sender sends a recipient public key request including recipient data field comprising designation of intended recipients identifying information such as e-mail addresses [0051]);
encrypting a message using the first messaging application and the encryption key (e.g. Andivahis sender encrypts the original message using the symmetric key Ks to form an encrypted message Me [0057]);
sending the entirety of the encryption key and the list of recipients to a privacy service component communicatively coupled to the first user device  (e.g. Andivahis sender sends the entire encrypted symmetric key Kse, instead of just a split-key fragment to the key server [0055]; sender sends designation of the intended recipients’ identifying information such as e-mail address of each recipient designated in the recipient data field [0051]);
receiving the encrypted message in a second messaging application running on a second user device (e.g. Andivahis recipient receives the composite message [0058] including the encrypted message Me [0057]; [0060]; key server retrieves the encrypted symmetric key Kse and sends it to the recipient in a response message [0063] where the second user device runs client-side software [0113]-[0118]);
verifying, on the privacy service component, whether a user of the second messaging application is on the list of recipients (e.g. Andivahis recipient is authenticated by the key server by checking the recipient’s identifying information such as the e-mail address [0061]; [0062]; [0063]), and
receiving from the privacy service component the entirety of the encryption key at the second messaging application in response to the user being on the list of recipients (e.g. Andivahis receiving encrypted symmetric key Kse from the key server and decrypts it to produce the symmetric key Ks [0062]; key server retrieves the encrypted symmetric key Kse and sends it to the recipient in a response message [0063]).
As to Claim 6:
Andivahis discloses the method of claim 5 wherein the encrypted message includes a unique message ID assigned by the privacy service component (e.g. Andivahis “The key server 340 then prepares a recipient public key response 352 which preferably includes a newly created message identifier, the recipient's 320 preferred public encryption key Ke, and related auditing information” [0053]; [0056]; message identifier sent by sender [0062]).
As to Amended Claim 13:
Andivahis discloses a system for encrypting and decrypting messages (e.g. Andivahis “a system and method for secure communication of electronic messages and electronic data streams amongst a community of users” [0005]; Fig. 3), the system comprising:
a user computing device comprising a processor and a memory (e.g. Andivahis sender and recipient computer with memory [0020]),
a private messaging application stored in the memory of the user computing device, the private messaging application configured to run on the processor of the user computing device (e.g. Andivahis “client program… It is understood that the executable software code comprising the key server, the sender and the recipient may each reside in the computer-readable memory of a general purpose, or other computer, or even a specialized computer” [0020]; software programs called mail user agents MUAs) running on computers [0023]; [0113]-[0118]), the private messaging application having a send configuration (e.g. Andivahis sender [0020]; [0023]) and a receive configuration (e.g. Andivahis recipient [0020]; [0023]): 
the send configuration for generating an encryption key for encrypting a message (e.g. Andivahis sender generates a symmetric key Ks and encrypts it to produce Kse [0054]; sender encrypts the original message using the symmetric key Ks [0057]) and for generating a list of recipients authorized to view the message (e.g. Andivahis sender sends a recipient public key request including recipient data field comprising designation of intended recipients identifying information such as e-mail addresses [0051]), and
the receive configuration for receiving the encrypted message (e.g. Andivahis recipient receives the encrypted message [0058]; in the composite message [0060]), requesting the entirety the encrypted key and for viewing the encrypted message in clear (e.g. Andivahis recipient sends key retrieval information Kr to key server [0062]; key server retrieves the encrypted symmetric key Kse and sends it to the recipient in a response message [0063]; recipient decrypts Kse to produce symmetric key Ks [0064] and uses the Ks to decrypt the encrypted message Me [0065]), and
a privacy service component (e.g. Andivahis key server having an associated memory database [0048]; Fig. 3) for communicating with a plurality of user computing devices having the private messaging application (e.g. Andivahis sender and recipient computers [0048]; client program [0020]; software programs called mail user agents MUAs) running on computers [0023]; Fig. 3), the privacy service component for storing the entirety of the encryption key and list of recipients (e.g. Andivahis key server stores archival message in database to store key information comprising Kse [0056]; [0051]; [0063]), and for verifying requests to obtain the entirety of the encryption key in respect of specific messages (e.g. Andivahis recipient is authenticated by the key server by checking the recipient’s identifying information such as the e-mail address [0061]; key server checks recipient requests for key retrieval  [0062]; [0063]).
As to Amended Claim 14:
Andivahis discloses a method for electronic messaging (e.g. Andivahis “a system and method for secure communication of electronic messages and electronic data streams amongst a community of users” [0005]), the method comprising: 
generating with a first messaging application running on a first user device (e.g. Andivahis client program [0020]; software programs called mail user agents MUAs) running on computers [0023]) an encryption key for encrypting messages (e.g. Andivahis sender generates a symmetric key Ks and encrypts it to produce Kse [0054]; sender encrypts the original message using the symmetric key Ks [0057]);
sending the entirety of the encryption key and a list of recipients to a privacy service component communicatively coupled to the first user device (e.g. Andivahis sender sends the entire encrypted symmetric key Kse, instead of just a split-key fragment to the key server [0055]; sender sends designation of the intended recipients’ identifying information such as e-mail address of each recipient designated in the recipient data field [0051]);
receiving a unique message ID from the privacy service component (e.g. Andivahis “The key server 340 then prepares a recipient public key response 352 which preferably includes a newly created message identifier, the recipient's 320 preferred public encryption key Ke, and related auditing information” [0053]);
associating a message to the list of recipients with the unique message ID (e.g. Andivahis “The key storage response comprises the message identifier and key retrieval information Kr to the sender 310 [0056]; recipient data field including e-mail addresses of each intended recipient [0051]; associated in database [0053] by archival message [0056]), and encrypting the message using the first messaging application and the encryption key (Andivahis sender encrypts the original message using the symmetric key Ks to form an encrypted message Me [0057]); and
providing the encrypted message to a messaging service provider (e.g. Andivahis sending the composite message including the encrypted message to the recipient [0058] where sender and recipient communicate via Internet service providers and e-mail infrastructure [0085] or users communicate the instant messages (encrypted) through another server that conducts instant messaging session [0100]).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 7, 9, and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Andivahis in view of Cohen et al. (US 20070073823 A1, hereinafter Cohen).
As to Claim 7:
Andivahis discloses the method of claim 5, but does not specifically disclose:
the encrypted message includes a maximum length of time that the encrypted message can be viewed in clear through the second messaging application (e.g. Andivahis although does suggest the user member may specify that the encryption key should no longer be made available at some time in the future [0137]).
However, the analogous art Cohen does disclose the encrypted message includes a maximum length of time that the encrypted message can be viewed in clear through the (e.g. Cohen encrypted instant message may be viewed on display until a self-destruct period has elapsed whereby the message is re-encrypted or re-scrambled thereafter [0068]; self-destruct of instant message may be selected by sending user to a numerical value such as ten seconds [0057]; [Abstract]).  Andivahis and Cohen are analogous art because they are from the same field of endeavor in secure electronic messaging.
(e.g. see Cohen, “An instant message is received at a client. A set of parameters in the instant message is identified. The instant message on a display in the client is presented, and the instant message is removed from the display after a period of time defined by the set of parameters” [Abstract]; [0040]; “The time after which a message will self-destruct may be selected by user through controls 514 and 516. Control 514 is used to select a numerical value. In this example, the numerical value is 10. Control 516 is used to select the type of time period. In these examples, the time period is in seconds. As a result, the message will self-destruct-after ten seconds if check box 512 is selected. Check box 518 is used to set a preference as to whether a countdown timer will be displayed in association with a message that is to be self-destructed” [0057]; “chat window 1000 shows a self-destructed message as encrypted message 1002. This message is identified as being self-destructed through status message 1004. The user may select encrypted message 1002 to initiate the display of a dialog, such as dialog 800 in FIG. 8, to retrieve messages for viewing. When the message is retrieved, encrypted message 1002 is replaced with the original message within section [0068]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Andivahis and Cohen before him or her, to modify the method and system of Andivahis with the teachings of Cohen to include the encrypted message includes a maximum length of time that the encrypted message can be viewed in clear through the second messaging application as claimed because Andivahis discloses a system and method for secure communication of encrypted electronic messages amongst users running client programs on devices (Andivahis [0005]-[0063]) where the encrypted messages could be configured by the sender for self-destruct after a period of time for viewing has elapsed (Cohen [Abstract]; [0040]; [0057]; [0068]; [0090]).  The suggestion/motivation for doing so would have been to reduce the possibility that an unauthorized observer may see a message that is presented on a chat window while the user is away (Cohen [0090]).  Therefore, it would have been obvious to combine Andivahis and Cohen to obtain the invention as specified in the instant claim(s).
As to Claim 9:
Andivahis in view of Cohen discloses the method of claim 7 wherein upon exceeding the maximum length of time for viewing the encrypted message in clear, the second messaging application is configured to forget the encryption key or delete the encrypted message (e.g. Cohen “The self-destruction of a message may include, for example, the deletion of the message from the message store of the instant messaging client for the user” [0045]; Andivahis “Still other policies may allow for the Key Server to permanently delete a decryption key (or key fragment) from its archival area, rendering the message virtually non-decryptable” [0086]).  The Examiner supplies the same rationale for the combination of references Andivahis and Cohen as in Claim 7 above.
As to Claim 10:
Andivahis in view of Cohen discloses the method of claim 7 wherein the second messaging application displays a countdown indicator for indicating an amount of time remaining to view the encrypted message in clear (e.g. Cohen “Check box 518 is used to set a preference as to whether a countdown timer will be displayed in association with a message that is to be self-destructed” [0057]; [0058]; “the message self-destructs after ten seconds and a countdown timer is displayed with the message” [0059]; FIG. 5C).  The Examiner supplies the same rationale for the combination of references Andivahis and Cohen as in Claim 7 above.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Andivahis in view of Cohen as applied to Claim 7 above, and further in view of Windebank et al. (US 20160314115 A1, hereinafter Windebank).
As to Claim 8:
Andivahis in view of Cohen discloses the method of claim 7 but does not specifically disclose: 
wherein the maximum length of time is 20 seconds (e.g. although Cohen clearly teaches a method and system that configures a self-destruct period of time for messages such as a numerical value of 10 seconds which could be increased to 20 seconds [0057]; FIG. 5A control 514 selectable for numerical value of 10 or others).
The analogous art Windebank clearly discloses choosing the maximum length of time is 20 seconds (e.g. Windebank destructible messages are available for period of 20 seconds [0045]).  Andivahis, Cohen, and Windebank are analogous art because they are from the same field of endeavor in secure electronic messaging.
(e.g. see Windebank, “In conjunction with or in lieu of encryption, exemplary embodiments of the present invention may also use message destructibility to further enhance security and usefulness of the messaging system described herein. In preferred embodiment, availability of a message to the receiver is of a finite time period. As opposed to emails, SMS or other electronic forms of communication, destructible messages are only available for a brief period of time (e.g., 5 seconds, 10 seconds, 20 seconds, 1 minute, 1 hour, 24 hours) before no longer being available. One of ordinary skill in the art would appreciate that there are numerous methods for providing message destructibility, and embodiments of the present invention are contemplated for use with any appropriate method for providing message destructibility” [0045]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Andivahis, Cohen, and Windebank before him or her, to modify the combination of Andivahis and Cohen with the teachings of Windebank to include wherein the maximum length of time is 20 seconds as claimed because Andivahis discloses a system and method for secure communication of encrypted electronic messages amongst users running client (Andivahis [0005]-[0063]) where the encrypted messages could be configured by the sender for self-destruct after a period of time for viewing has elapsed (Cohen [Abstract]; [0040]; [0057]; [0068]; [0090]) which could be 20 seconds (e.g. Windebank [0045]).  The suggestion/motivation for doing so would have been to further enhance security and usefulness of the messaging system (Cohen [0045]).  Therefore, it would have been obvious to combine Andivahis, Cohen, and Windebank to obtain the invention as specified in the instant claim(s).
Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Andivahis in view of Errico (US 20100017619 A1).
As to Claim 11:
Andivahis discloses the method of claim 5 but does not specifically disclose:
wherein the first messaging application can selectively recall the encrypted message from the second messaging application.
However, the analogous art Errico does disclose wherein the first messaging application can selectively recall the encrypted message from the second messaging application (e.g. Errico senders can recall their previously sent certified email messages from a specific recipient [0041] where the electronic messaging system is point-to-point encrypted [0025] so that the message data is encrypted and only accessible by the sender and the receiver [0083]; web browsers implementing secure messaging webpages [0078]).  Andivahis and Errico are analogous art because they are from the same field of endeavor in secure electronic messaging.
(e.g. see Errico, [0024]; “The present invention provides a biometric-enabled, point-to-point encrypted, certified electronic messaging system over the Private, [0025]; “From the View Sender Log process 250 senders can "recall" or "resend" (in process 254) their previously sent certified email messages and attachments, sent via the Invention. This gives the sender the ability to quickly react if they made a mistake or if the recipient wanted the alert notice sent to a different address or in a different format… This Invention does allow the sender to recall the certified email and be certain, by viewing the related sender log entries (in processes 250, 252), that a specific recipient (which could be one of many) has or has not yet seen the contents” [0041]; [0047]; [0083]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Andivahis and Errico before him or her, to modify the method and system of Andivahis with the teachings of Errico to include wherein the first messaging application can selectively recall the encrypted message from the second messaging application as claimed because Andivahis discloses a system and method for secure communication of encrypted electronic messages amongst users running client programs on devices (Andivahis [0005]-[0063]) which could be enabled to recall previously sent encrypted email messages from recipients (Errico [0041]; [0047]; [0078]; [0083]).  The suggestion/motivation for doing so would have been to give the sender the ability to quickly react if they made a mistake or if the recipient wanted the notice sent to a different address or in a different format (Errico [0041]).  Therefore, it would have been Andivahis and Errico to obtain the invention as specified in the instant claim(s).
Claims 12 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Andivahis in view of Jordan et al. (US 20150358260 A1, hereinafter Jordan).
As to Claim 12:
Andivahis discloses the method of claim 5 but does not specifically disclose:
wherein the first messaging application can selectively revoke a recipient from the recipient list.
However, the analogous art Jordan does disclose wherein the first messaging application can selectively revoke a recipient from the recipient list (e.g. Jordan Rules engine provides to Message Processor “Remove Recipient(s) from Sender’s buddy list” and instructs Authorization Server to modify ACL to remove i.e. John’s and Sally’s names from Barbara’s buddy list [0052]).  Andivahis and Jordan are analogous art because they are from the same field of endeavor in instant messaging.
(e.g. see Jordan, “Rules Engine 138 provides to Message Processor 136 the rules corresponding to the matching criteria, i.e., " Remove Recipient(s) from Sender's buddy list." Thus, at step 164, Message Processor 136 instructs Authorization Server 134 to modify ACL 140 to remove John's and Sally's names from Barbara's buddy list. FIG. 5D illustrates the content of ACL 140 following these changes s” [0052]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Andivahis and Jordan Andivahis with the teachings of Jordan to include wherein the first messaging application can selectively revoke a recipient from the recipient list as claimed because Andivahis discloses a system and method for secure communication of encrypted electronic messages amongst users running client programs on devices that can store recipient(s) identifying information at a server and database for authorizing receipt of sender(s) messages (Andivahis [0005]-[0063]) where recipient(s) can be removed from such access control lists of the sender (Jordan [0052]).  The suggestion/motivation for doing so would have been to dynamically control user identification information included in the buddy lists based on content of messages received from the messaging clients (Jordan [0004]; [0005]).  Therefore, it would have been obvious to combine Andivahis and Jordan to obtain the invention as specified in the instant claim(s).
As to Claim 15:
Andivahis discloses the method of claim 14 but does not specifically disclose:
wherein the first messaging application sends the privacy service component a revoke action request in respect of a specific recipient on the list of recipients.
However, the analogous art Jordan does disclose wherein the first messaging application sends the privacy service component a revoke action request in respect of a specific recipient on the list of recipients (e.g. Jordan Rules engine provides to Message Processor “Remove Recipient(s) from Sender’s buddy list” and instructs Authorization Server to modify ACL to remove i.e. John’s and Sally’s names from Barbara’s buddy list [0052]).  Andivahis and Jordan
(e.g. see Jordan, “Rules Engine 138 provides to Message Processor 136 the rules corresponding to the matching criteria, i.e., " Remove Recipient(s) from Sender's buddy list." Thus, at step 164, Message Processor 136 instructs Authorization Server 134 to modify ACL 140 to remove John's and Sally's names from Barbara's buddy list. FIG. 5D illustrates the content of ACL 140 following these changes s” [0052]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Andivahis and Jordan before him or her, to modify the method and system of Andivahis with the teachings of Jordan to include wherein the first messaging application sends the privacy service component a revoke action request in respect of a specific recipient on the list of recipients as claimed because Andivahis discloses a system and method for secure communication of encrypted electronic messages amongst users running client programs on devices that can store recipient(s) identifying information at a server and database for authorizing receipt of sender(s) messages (Andivahis [0005]-[0063]) where recipient(s) can be removed from such access control lists of the sender (Jordan [0052]).  The suggestion/motivation for doing so would have been to dynamically control user identification information included in the buddy lists based on content of messages received from the messaging clients (Jordan [0004]; [0005]).  Therefore, it would have been obvious to combine Andivahis and Jordan to obtain the invention as specified in the instant claim(s).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Mitter (US 20120210134 A1)
Miller (US 8583911 B1) 
LEE et al. (US 20130305040 A1)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530.  The examiner can normally be reached on Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private 






/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        
    PNG
    media_image1.png
    35
    280
    media_image1.png
    Greyscale

02.26.2021