Notice of Pre-AIA  or AIA  Status
 1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  Claims 21, 25, 27, 28, 32-35 and 39 are amended.  Claims 21-40 are pending.
Response to Arguments
2.	Applicant's arguments filed on 12/28/2020 have been fully considered but they are not persuasive.  
 	In remarks, Applicant argues that the cited references, Nakhjiri, fail to teach or suggest “transmitting, from the CA computing device to the CDN computing device, at least one certificate validity message of the plurality of certificate validity messages and at least one cache key of the plurality of cache keys, wherein the CDN computing device uses the at least one cache key to store the at least one certificate validity message in a cache” as recited in independent claims 21, 28 and 35.  

	Examiner respectfully disagrees.  The cited prior art, Nakhjiri, mentions digital certificates are issued by the Certificate Authority (CA) and the CA also issue CRLs for checking revocation status.  Due to issues such as lack of network connectivity, many devices have difficulty using CRLs for checking revocation status.  Many PKI systems provide an online certificate status checking protocol (OCSP).  Any party that holds a certificate from another party can use OCSP for verifying revocation status of the certificate instead of downloading a full CRL. This is typically done by sending an OCSP request to the CA or a designated responder (an OCSP responder) and then receiving an OCSP response (Nakhjiri, paragraph 0001).  

	In Applicant’s Specification, Applicant mentions that “[a] large commercial certificate authority may issue thousands, or even millions of certificates to relying parties directly.  

	Similarly, Nakhjiri discloses the OCSP system includes an OCSP responder, and OCSP proxy and a cache.  The OCSP responder can provide the OCSP response.  The OCSP proxy can receive the OCSP request from the end device, can send the OCSP request to the OCSP responder, can receive the OCSP response from the OCSP responder and can send the OCSP response to the end device.  Thus, although Nakhjiri does not explicitly mention the OCSP system is a CDN, the OCSP system of Nakhjiri provide the similar functionality of the CDN which is to facilitate the distribution of the OCSP responses.

	Moreover, Nakhjiri and Edstrom disclose “at least one cache key of the plurality of cache keys, wherein the CDN computing device uses the at least one cache key to store the at least one certificate validity message in a cache”.

	Nakhjiri discloses “[a]n OCSP response may be kept in a cache up to the end of its validity period” (Nakhjiri, paragraph 0005); “If an OCSP response is found in cache 106, then first the status and validity period of the cached OCSP response is verified...the validity of the OCSP response will indicate the time period that this OCSP response can be used to verify the status of the certificate corresponding to the public key provided by device 101, e.g., a number of days”.



 	Since the cache key is part of the metadata information to the certificate validity message, used to identify the certificate validity messages in the cache.  Even though Nakhjiri does not explicitly mention the cache key as the metadata to the certificate validity messages.  It would have been an obvious feature derive from Nakhjiri since in order to retrieve the information from the cache, it would have been necessary to provide the metadata information with the certificate validity messages in order to identify the object in the cache.  Nevertheless, the Edstrom reference was provided to support such feature. For example, Edstrom discloses the status of a batch or set of one or more certificates in the cache (Edstrom, paragraph 0310).
 	Cache key is known as a unique identifier for an object in the cache.  If the certificate validity messages stores in the cache as a batch or a set.  At least one cache key identify each OCSP in the cache would be obvious in order to identify the OCSP in the cache.  

 	Therefore, examiner respectfully disagrees that the combination of Nakhjiri and Edstrom fail to teach the alleged claimed limitation of “transmitting, from the CA computing device to the CDN computing device, at least one certificate validity message of the plurality of certificate validity messages and at least one cache key of the plurality of cache keys, wherein the CDN computing device uses the at least one cache key to store the at least one certificate validity message in a cache” as recited in independent claims 21, 28 and 35.  

	With respect to Applicant’s remarks to the amended claim has overcome the Double Patenting.  Examiner respectfully disagrees because the claimed amendment does not change the scope or narrow the scope of the claims.  Therefore, the Double Patenting rejection is maintained.
Double Patenting
3.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
 	Claims 21-40 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. 9887982 and claims 1-15 of U.S. Patent No. 10,404681. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are broader in scope of the patent claims.

Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


 	Claims 21-40 are rejected under 35 U.S.C. 103 as being unpatentable over Nakhjiri (U.S. Patent Application Publication No. 2011/0161663) in view of Edstrom et al. (U.S. Patent Application Publication No. 2011/0154017, hereinafter Edstrom).
 	With respect to claim 21, Nakhjiri discloses a computer-implemented method for distributing certificate validity messages to a content delivery network (CDN) computing device, the computer-implemented method comprising: 
 	generating, at a certificate authority (CA) computing device separate from the CDN computing device, a plurality of certificate validity messages; generating, at the CA computing device, a plurality of cache keys, and transmitting from the CA computing device to the CDN computing device, at least one certificate validity message of the plurality of certificate validity messages and at least one cache key to store the at least one cache key of the plurality of cache keys, wherein the CDN computing device uses the at least one cache key to store the plurality of certificate validity messages in a cache (e.g. Nakhjiri, paragraph 0005, “…caching of the OCSP response.  An OCSP response may be kept in a cache up to the end of its validity period…the validity period is set depending on the applications and entity for which the certificate is used, the likelihood for certificate revocation and other security consideration”; paragraph 0026, “…an online certificate status checking protocol (OCSP) system is provided for use with a first device, an end device and a certificate authority.  The first device can provide a certificate.  The end device can provide an OCSP request based on the certificate and process an OCSP request based on the certificate and process an OCSP response. The certificate authority can provide a CRL update.  The certificate has a validity period.  The OCSP system includes an OCSP responder, and OCSP proxy and a cache.  The OCSP responder can provide the OCSP response.  The OCSP proxy can receive the OCSP request from the end device, can send the OCSP request to the OCSP responder can receive the OCSP response from OCSP responder and can send the OCSP response to the end device.  The cache can store information based on the OCSP response.  The OCSP proxy can further store in the cache information based on the OCSP response and can send a proactive OCSP request to the OCSP responder based on a predetermined policy….The OCSP The OCSP proxy can further updated information in the cache based on the proactive OCSP response”; OCSP system is equate to “Content Delivery Network or CDN”; OCSP response to certificate validity messages).
 	Nakhjiri discloses search cache for response for the certificate identifier to check if a response has been cached and verify validity of the certificates and search the latest CRL (issue from CA) (i.e. Nakhjiri, paragraphs 0013-0021).
 	 Nakhjiri does not explicitly disclose a plurality of cache keys to store the plurality of certificates validity messages.  However, Edstrom discloses determining status of a batch or set of one or more certificates (e.g. Edstrom, paragraph 0310).  Moreover, a cache key is an index entry that uniquely identifies an object in a cache.  Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to generate plurality of cache keys corresponding to plurality of the certificate validity messages to ensure efficiency in identify and differentiate objects stored in the cache.  



 	With respect to claim 23, Nakhjiri and Edstrom disclose the computer-implemented method of claim 21, further comprising identifying a set of certificates that at least one of have been revoked or expire within a certain time period, wherein the plurality of certificate validity messages is generated based at least in part on the set of certificates (e.g. Nakhjiri, paragraph 0026; Edstrom, paragraph 0310). 

 	With respect to claim 24, Nakhjiri and Edstrom disclose the computer-implemented method of claim 21, further comprising identifying a set of certificates for which a respective status has been requested by one or more client computing devices at least a threshold number of times, wherein the plurality of certificate validity messages is generated based at least in part on the set of certificates (e.g. Nakhjiri, paragraph 0036). 

 	With respect to claim 25, Nakhjiri and Edstrom do not explicitly disclose the computer-implemented method of claim 21, wherein said generating a plurality of cache keys, comprises: receiving one or more cache key generation algorithms from the CDN computing device; 
 	However, Nakhjiri discloses the OCSP system for receiving the OCSP request and transmitting the OCSP request to the responder and transmit the OCSP response to the end device.  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to use the OCSP system providing the algorithm in order to enable the OCSP system to facilitate the generation of the OCSP response and distribute to the end device.

 	With respect to claim 26, Nakhjiri and Edstrom disclose the computer-implemented method of claim 21, wherein each of the plurality of certificate validity messages is an online certificate status protocol (OCSP) response (e.g. Nakhjiri, paragraph 0026). 

 	With respect to claim 27, Nakhjiri and Edstrom disclose the computer-implemented method of claim 21, further comprising, transmitting, from the CA computing device to the CDN computing device the plurality of certificate validity messages and the plurality of cache keys to the CDN computing device, wherein the CDN computing device uses the plurality of cache keys to store the plurality of certificate validity messages in the cache (e.g. Nakhjiri, paragraphs 0005 and 0026; Edstrom, paragraph 0310). 

 	With respect to claims 28-40, the claims are computer-readable storage media claims and system claims that are similar to the method claims.  Therefore, claims 28-40 are rejected based on the similar rationale.

Conclusion
5.	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONGOC TRAN whose telephone number is (571)272-3843.  The examiner can normally be reached on 9-5 Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.



/TONGOC TRAN/Primary Examiner, Art Unit 2434