DETAILED ACTION
	
Introduction
Claims 2-21 are pending. Claim 1 is cancelled. This Office action is in response to Application 16/507,812 filed on 7/10/2019 and the claim amendments filed on 1/30/2020. 

Claim Objections
Claims 9, 17, and 21 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections: 35 U.S.C. 103(a)
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claims 2-3, 5-8, 10-11, 13-16, and 18-19 are rejected under pre-AIA  35 U.S.C. 103(a) because they are unpatentable over Zimmer (US 2005/0044363) in view of Thornton (US 2005/0081025).
Regarding claims 2, 10, and 18, Zimmer teaches a method comprising: accessing a first certificate including a first public key and subject name (A client 308 accesses a first certificate in an access list 316. The first certificate includes a first public key and a first subject name. See par. 35, 37; fig. 3, item 316); accessing a second certificate including a second public key and a 1); accessing a third certificate, the third certificate being received from a first remote server machine (The client receives a third certificate from one of manageability servers A-D. See par. 37; fig. 3); identifying, by a hardware processor, whether the first remote server machine is trusted by identifying whether the third certificate matches the first certificate or the second certificate (The client identifies whether the manageability server is trusted by determining whether the third certificate matches either the first certificate or the second certificate. See par. 37), and establishing a secure communication session with the first remote server machine based on identifying that the first remote server machine is trusted (In response to identifying the manageability server as trusted, the client establishes an encrypted communication session with the manageability server. See par. 42).
However, Zimmer does not teach that the first and second certificates are first and second versions of the same certificate, or that the first and second subject names both refer to a single subject name associated with a plurality of remote server machines that include the first remote server machine. Nonetheless, Thornton teaches a certificate renewal system whereby an older version of a certificate is installed on a first server 53 and a newer version of the certificate is installed on a second server 53 (See par. 95, 112; fig. 9), whereby the older and newer versions of the certificate include the same subject name (i.e., the organization name of service provider 1408. See par. 148), and whereby the older and newer versions of the certificate include either the same or different public keys (See par. 146). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Zimmer so that the first and second certificates include the same subject name, because doing so allows two or more of the manageability servers A-D to be operated by the same service provider. In addition, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Zimmer so that the first and second certificates are older and newer versions of the same certificate, because doing so allows the service provider to renew the first and second certificates in a staggered fashion.
Regarding claims 3, 11, and 19, Zimmer and Thornton teach wherein: the first version of the certificate further includes a first time period for which the first version of the certificate is enabled; and the second version of the certificate further includes a second time period for which the second version of the certificate is enabled, the second time period being different than the first time period (Thornton teaches that the first and second versions of the certificate have different expiration times and therefore different validity periods. See par. 95. It would have been obvious to modify the system of Zimmer and Thornton so that the first and second versions of the certificate have different expiration times because doing so is beneficial for the reasons provided above with respect to claim 2). 
Regarding claims 5 and 13, Zimmer and Thornton teach wherein the accessing the first version of the certificate and the second version of the certificate comprises accessing a plurality of security assets that are enabled for the first subject name from a security asset repository, the plurality of security assets that are enabled including the first version of the certificate and the second version of the certificate (As indicated in the discussion of claim 2, Zimmer and Thornton collectively teach that a client accesses first and second versions of a certificate to authenticate a manageability server. The storage location from which the client accesses the certificates is 
Regarding claims 6 and 14, Zimmer and Thornton teach wherein the security asset repository further comprises a plurality of security assets for the first subject name that are disabled (Zimmer teaches that some of the stored certificates may be revoked certificates, as indicated by certificate revocation list 410. See par. 39; fig. 4, item 410. In addition, Thornton teaches a revoked certificates store 1412 that stores revoked certificates. See par. 183; fig. 4, item 1412).
Regarding claims 7 and 15, Zimmer and Thornton teach wherein the security asset repository further comprises security asset information that includes a plurality of logical security asset channels including a first logical security asset channel (Zimmer teaches a certificate store 1410 that is partitioned into a first logical security asset channel comprising certificates that are issued to clients and a second logical security asset channel comprising certificates that are revoked. See par. 183. It would have been obvious to modify the system of Zimmer so that the security asset repository is partitioned into such logical security asset channels because doing so facilitates certificate management). 
Regarding claims 8 and 16, Zimmer and Thornton teach wherein the first logical security asset channel comprises a plurality of security asset objects including a first security asset object that includes a plurality of security assets for the first subject name that are enabled (Thornton teaches that the first logical security asset channel is further partitioned into a first security asset object comprising certificates that are issued to clients and a second security asset object 
Claims 4, 12, and 20 are rejected under pre-AIA  35 U.S.C. 103(a) because they are unpatentable over Zimmer and Thornton, as applied to claims 3, 11, and 19 above, in further view of McCall (US 2008/0127322).
Regarding claims 4, 12, and 20, Zimmer and Thornton do not teach further comprising receiving a command to override the first time period and disable the first version of the certificate. However, McCall teaches a system for remotely revoking a certificate by issuing a certificate revocation command. See par. 22. 
It would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Zimmer and Thornton so that the first and second versions of the certificate can be remotely revoked using a certificate revocation command because doing so allows the system to revoke the first and second versions of the certificate if they become compromised. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Andrew Georgandellis whose telephone number is 571-270-3991.  The examiner can normally be reached on Monday through Friday, 7:30-5:00 PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tonia Dollinger, can be reached on 571-272-4170.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ANDREW C GEORGANDELLIS/
Primary Examiner, Art Unit 2459

1 Even if it is assumed that the public keys are the same, Thornton teaches two different versions of a certificate, each having the same or different public key, as indicated below.