Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments with respect to claims 1-23 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8-14, 16-21 and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Gillum (US. Pub. No.: 2012/0167233) in view of Zink et al. (Hereinafter referred to as Zink, US. Pub. No.: 2017/0034100).


As per claim 1:
Gillum discloses a system for domain name authentication, the system comprising:
a processor coupled to a memory containing instructions executable by the processor to cause the system to (0016):
maintain a database with a plurality of trusted domains (0013-0014: trusted domain and authorized domain);
analyze a domain associated with an undelivered message intended to be delivered to a recipient, wherein analysis of the domain comprises comparing the domain with one or more of the plurality of trusted domains (0020-0021);
if the domain is determined to be similar to at least one of the trusted domains, correlate metadata of the domain with metadata of the at least one trusted domain (0021-0022 : DKIM); and
flag the domain as being legitimate or flag the domain as being illegitimate based on the correlation (0025-0028; 0025: trust indicator).

Gillum does not explicitly disclose the determined domains to be similar are not identical domains. Zink, in analogous art however, discloses the determined domains to be similar are not identical domains (0028; 0032-0033: align DMAC and domain in the From: address may be trusted domain; DMARC results are usually stamped in the Authentication-Results header in a message; 0039: the domain in the From: address may be checked to align methods and systems to address a need that arises from very large scale of operations created by networked computing and cloud based services that cannot be managed by humans and provide increased security and efficiency communication exchange such as emails, reduced processing and network bandwidth usage (malicious or undesired emails being filtered at email service provider), and improved user interaction by allowing recipients to authenticate their emails without having to acquire knowledge or pay a third party to configure their DKIM and SPF settings as suggested by Zink (0019-0020).

As per claim 2:
Gillum discloses wherein the domain is flagged as being legitimate based on a positive correlation and the domain is flagged as being illegitimate based on a negative correlation (0032-0033).


Gillum discloses wherein the metadata comprises an identity of a registrar for the domain being analyzed (0047).

As per claim 4:
Gillum discloses wherein the metadata comprises an identity of one or more name servers serving the domain being analyzed (0023).

As per claim 5:
Zink discloses wherein the metadata is stored in a domain name system (DNS) (0022-0024: DNS records, DMARC records, SPF records, DKIM records; 0028; 0039).

As per claim 6:
Zink discloses wherein the metadata comprises at least one of a Mail Exchanger (MX) record, a Sender Policy Framework (SPF) record, and a DomainKeys Identified Mail (DKIM) record (0022-0024: DNS records, DMARC records, SPF records, DKIM records; 0028; 0039).

As per claim 8:
Gillum discloses wherein the metadata comprises an identity expressed in Secure Sockets Layer (SSL), Transport Layer Security (TLS), other cryptographic certificates (0048).

As per claims 9-14 and 16:


As per claims 17-21 and 23:
Claims 17-21 and 23 are directed to a system for detecting one or more dangerous websites including one or more fraudulent domains, the system comprises a processor coupled to a memory containing instructions executable by the processor to cause the system to perform the features having substantially similar claimed features as recited in corresponding limitation of claims 1-7 and 8 respectively and therefore claims  17-21 and 23 are rejected with the same rationale given above  to reject claims 1-7 and 8.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 7, 15 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Gillum (US. Pub. No.: 2012/0167233) in view of Zink et al. (Hereinafter referred to as Zink, US. Pub. No.: 2017/0034100) in further view of Shull et al. (hereinafter referred to as Shull, US. Pub. No.: 20080034211).

As per claims 7, 15 and 22:
Gillum and Zink do not explicitly disclose wherein the metadata comprises information stored in a WHOIS database. Shull, in analogous art however, discloses wherein the metadata comprises information stored in a WHOIS database (0064; 0083; 0092). Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the method disclosed by Gillum and Zink to include wherein the metadata comprises information stored in a WHOIS database. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide methods and systems for validating ownership of domain names as suggested by Shull (0011).


BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as it would be interpreted by one of ordinary skill in the art and the following claim words or terms or phrases or languages have been given to them the following reasonable BRI considerations in view of the applicant’s disclosure in order to construe boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:
DNS metada: [0014; 0032; 0039: The system 10 is configured to analyze most, if not all, DNS metadata provided by a DNS system, for example, for a given domain under inspection, including, but not limited to, the registrar of the domain, the IP addresses of Mail Exchanger (MX) records, DomainKeys Identified Mail (DKIM) records, and other service addresses beyond Simple Mail Transfer Protocol (SMTP), Internet Message Access Protocol (IMAP), and Post Office Protocol (POP). The system 10 is further configured to utilize other data associated with the domain name under inspection, such as behavioral attributes of the trusted entity or party, including, but not limited to, server software in use and policies the entity or party enforces].

Conclusion
The prior arts made of record and not relied upon are considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior arts.

THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784.  The examiner can normally be reached on 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/TECHANE GERGISO/Primary Examiner, Art Unit 2494