DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
The nonstatutory double patenting rejection is maintained until a Terminal Disclaimer has been filed. 
Applicant’s arguments with respect to claims 1-21 have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 3/26/2020, 6/3/2020, 8/25/2020, 10/28/2020, 12/18/2020, and 12/23/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  
Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20, respectively, of U.S. Patent No. 9843452.  Although the conflicting claims are not identical, they are not patentably distinct from each other because the claims of the instant application are broader in scope than the claims of the U.S. Patent 9843452. Therefore, claims 1-20 of the instant application are anticipated by claims 1-20 of U.S. Patent No. 9843452.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1, 3, 5, 9, 11-13, 16-17 and 20-21 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Imai (US 8015399).
As per claims 1, 5 and 13, Imai discloses a computer-implemented method comprising: 
obtaining a request to issue a second digital certificate (Imai, Col. 15, lines 15-22 and lines 46-56 and Figs. 2 and 3; Similar to those of the upper level apparatus 30 and the lower level apparatus 40, the HTTPS server function part 21 receives (accepts) a communication request from an apparatus having an HTTPS client function, to thereby allow respective parts of an apparatus to execute an operation in response to the request and/or data received from the apparatus having the HTTPS client function, and return the result of the operation to the origin of the request. … The certificate issuance part 25 has a function of issuing public keys used in the authentication process according to SSL protocol by the certificate management apparatus 20 itself, the upper level apparatus 30, and the lower level apparatus 40, and issuing private keys corresponding to the public keys. In addition, the certificate issuance part 25 has a function of a certificate issuance unit, in which the certificate issuance part 25 attaches a digital signature to the issued public keys by using the root private key made by the authentication key generation part 24, and issuing a public key certificate (i.e. digital certificate).  Col. 33, lines 49-53; the regular public key certificate (i.e., second certificate) is requested to be issued);
determining, based at least in part on a first future expiration of a first validity period specified in a first digital certificate, to issue the second digital certificate (Imai, Col. 19, lines 18-23 and Col. 19, line 45 to Col. 20, lines 3; the regular public key certificate (i.e., second certificate) is to be issued with suitable shorter validity having an earlier expiration date based upon the rescue public key certificate (i.e., first certificate) having a longer validity period); 
issuing the second digital certificate to include:  a second validity period that is shorter than the first validity period (Imai, Col. 37, lines 55-60; the first digital certificate having a validity term that is longer than the validity term of the second digital certificate.  Col. 19, line 65 to Col. 20, line 3; the regular public key certificate (i.e., second certificate) is set to be issued with shorter validity with earlier expiration date), and
a second future expiration that is the same or earlier than the first future expiration of the first validity period specified in the first digital certificate (Imai, Fig. 9 shows the second certificate having the expiration of validity period on Jan. 1st 2004, and Fig. 10 shows the first certificate having the expiration of validity period on Jan. 1st 2050.  Figs. 9 and 10 and their associated description on Col. 18, lines 46-62 teach the second future expiration date is shorter than the first future expiration of the first validity period specified in the first digital certificate). 
As per claim 3,  Imai discloses the computer-implemented method of claim 1, further comprising using the first validity period to verify that the first digital certificate has Imai, Col. 19, lines 18-23 and Col. 19, line 45 to Col. 20, lines 3; the regular public key certificate (i.e., second certificate) is to be issued with suitable shorter validity having an earlier expiration date based upon the rescue public key certificate (i.e., first certificate) having a longer validity period, which is used to determine the validity of the rescue public key certificate); and 
wherein the determination to issue the second digital certificate is further based at least in part on an amount of time that is defined at least in part by the first future expiration of the first validity period being greater than a predetermined amount of time (Imai, Col. 37, lines 55-60; the first digital certificate having a validity term that is longer than the validity term of the second digital certificate. Col. 19, line 47-57; however, the validity term is set to fifty years merely for the reason that the validity term according to the X.509 format can only be set to a maximum of fifty years. However, a longer validity term may also be set, for example, a term of one hundred years, or a term of several hundred years. The expiration date of the validity term is merely indicated for the sake of a request of the format of the public key certificate. Accordingly, the rescue public key certificate may be regarded as having substantially no expiration date. This may also apply to a case where the validity term is 20 years, 30 years, or even a further shorter period).
As per claim 9, Imai discloses the system of claim 5, wherein the first digital certificate specifies a public cryptographic key that corresponds to a private cryptographic key (Imai, Col 2, lines 19-22, In verifying authenticity of the public key certificate A, the digital signature included in the public key certificate A is decoded with a key main body of the root key which is a public key corresponding to the root private key.). 
As per claims 11 and 17, Imai discloses the system of claim 9, wherein the second digital certificate includes a second public cryptographic key that is distinct from the public cryptographic key specified in the first digital certificate (Imai, Col 17, lines 1-8, The regular public key included in the regular public key certificate and the private key corresponding to the public key is different with respect to each of the apparatuses; Also, Col 18, lines 23-26, the lower level apparatus rescue public key certificate is a digital certificate having a digital signature attached to a rescue public key issued by the certificate management apparatus 20 for the lower level apparatus 40, in which the digital signature allows its authenticity to be verified with a lower level apparatus authentication rescue root key.).
As per claim 12, Imai discloses the system of claim 5, wherein the first digital certificate is an X.509 digital certificate (Imai, Col 16, lines 48-50, X.509 digital certificate). 
As per claim 20, Imai discloses the non-transitory computer-readable storage medium of claim 13, wherein the second digital certificate is usable for authentication of a server associated with an entity that submitted the request (Imai, lines 24-42 and Figs. 2 and 3; the certificate management apparatus is an apparatus issuing and managing certificates used in authenticating connection request for connection/communication between client and server. Col. 33, lines 49-53; the regular public key certificate (i.e., second certificate) is requested to be issued).
As per claim 21, Imai discloses the computer-implemented method of claim 1, wherein:
(Imai, Col. 37, lines 55-60; the first digital certificate having a validity term that is longer than the validity term of the second digital certificate.  Col. 19, line 65 to Col. 20, line 3; the regular public key certificate (i.e., second certificate) is set to be issued with shorter validity with earlier expiration date);
determining to issue the second digital certificate is based at least in part on:
determining a remaining validation period based at least in part on the first validity period (Imai, Col. 19, lines 18-23 and Col. 19, line 45 to Col. 20, lines 3; the regular public key certificate (i.e., second certificate) is to be issued with suitable shorter validity having an earlier expiration date based upon the rescue public key certificate (i.e., first certificate) having a longer validity period); and
determining that the remaining validation period exceeds a predefined time period, wherein the predefined time period is greater than zero (Imai, Col. 19, lines 18-23 and Col. 19, line 45 to Col. 20, lines 3; the regular public key certificate (i.e., second certificate) is to be issued with suitable shorter validity having an earlier expiration date based upon the rescue public key certificate (i.e., first certificate) having a longer validity period); and 
a duration of the second validity period is shorter than a duration of the first validity period (Imai, Col. 19, lines 18-23 and Col. 19, line 45 to Col. 20, lines 3; the regular public key certificate (i.e., second certificate) is to be issued with suitable shorter validity having an earlier expiration date based upon the rescue public key certificate (i.e., first certificate) having a longer validity period).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 4, 6, 8, 10, 15-16, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Imai (US 8015399) in view of Brown (US 20130145151). 
As per claims 2 and 16,   Imai discloses the computer-implemented method of claim 1, wherein: 
the method further comprises verifying the digital signature using a public cryptographic key specified by the first digital certificate (Imai, Col 2, lines 19-22, In verifying authenticity of the public key certificate A, the digital signature included in the public key certificate A is decoded with a key main body of the root key which is a public key corresponding to the root private key.); and 
Imai does not disclose; however, Brown discloses the request includes a digital signature (Brown, Para. 0017, digitally sign).
Therefore, it is obvious to one ordinary skilled in the art before the effective filing
date of the claimed invention to incorporate the teaching of Brown, with the system and method of Imai, given the benefit of creating and using a derived certificate based on a changing identity.
As per claims 4, 8 and 18, Imai does not disclose; however, Brown discloses the computer-implemented method of claim 1, wherein the second digital certificate is issued to have one or more subject fields not included within the first digital certificate (Brown, Para. 0031, In addition to fields for a public key and for a digital signature, an X.509 certificate comprises a number of other standard fields, including, for example, a field indicating the subject of the certificate and another field indicating the issuer of the certificate.).
Therefore, it is obvious to one ordinary skilled in the art before the effective filing
date of the claimed invention to incorporate the teaching of Brown, with the system and method of Imai, given the benefit of creating and using a derived certificate based on a changing identity.
 As per claims 6 and 15, Imai does not disclose; however, Brown discloses the system of claim 5, wherein the request to issue the second digital certificate includes the first digital certificate (Brown, Para. 0017, a certificate for the new identity of the first device may be created by having the certificate authority digitally sign the certificate request received from the first device. Once the certificate authority has created the certificate for the new identity of the first device, the certificate authority may provide the certificate to the first device, and the first device may send the certificate to the second device.)
Therefore, it is obvious to one ordinary skilled in the art before the effective filing
date of the claimed invention to incorporate the teaching of Brown, with the system and method of Imai, given the benefit of creating and using a derived certificate based on a changing identity. 
As per claim 10, Imai does not disclose; however, Brown discloses the system of claim 9, wherein the request is digitally signed utilizing the private cryptographic key corresponding to the public cryptographic key (Brown, Para. 0017, a certificate for the new identity of the first device may be created by having the certificate authority digitally sign the certificate request received from the first device; Also, Para. 0018, the first device may create a derived certificate that binds the short-term identity to a short-term public key of the first device, the derived certificate digitally signed using the long-term private key of the first device.)
Therefore, it is obvious to one ordinary skilled in the art before the effective filing
date of the claimed invention to incorporate the teaching of Brown, with the system and method of Imai, given the benefit of creating and using a derived certificate based on a changing identity. 
Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Imai (US 8015399) in view of Akehurst (US 2013/0254535). 
As per claims 7 and 14, Imai does not disclose; however, Akehurst discloses the system of claim 5, wherein the first digital certificate further specifies a date of validation of an entity prior to issuance of the first digital certificate, one or more standards usable to validate the entity, and an identifier corresponding to the entity (Akehurst, Para. 0042,  client computer uses client certificate program to obtain the public key digital certificate of certification authority computer, the issuer and signatory of the contacted server public key certificate. The public key certificate for certification authority computer may be retrieved by client computer from a pre-loaded storage location within the storage memory of the client computer. Client authenticate-validate program then uses the public key certificate of certification authority computer to authenticate the signature on the certificate of the contacted server, confirming the identity of the contacted server. If the signatures are determined to match, the contacted server public key certificate is authenticated; Also, Para. 0043, the validity of a certificate, such as public key certificate 200 discussed in FIG. 2, refers to the time period stated within an attribute of the certificate. The certificate validity is defined by a start period and end period designated as "not before" date and time and "not after" date and time, respectively, as illustrated by validity period 250 in FIG. 2. Client computer uses client authenticate-validate program to request a current date and time value from a network location specified within public key certificate. The network location specified within the digital certificate can be, for example, trusted time computer, which provides a current date and time value from trusted time source, sent to client computer over network, to determine if public key certificate is valid and is not expired.).
Therefore, it is obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to incorporate the teaching of Akehurst, with the system and method of Imai, given the benefit of generating a temporary digital certificate with a useful life of only a few minutes to a few hours. 
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Imai (US 8015399) in view of Levy (US 20180262346). 
As per claim 19, Imai does not disclose; however, Levy discloses the non-transitory computer-readable storage medium of claim 13, wherein the executable instructions further cause the computer system to determine a validity period from the request to determine whether to issue the second digital certificate (Levy, Para. 0023-0024, The request may also include parameters that indicate parameters to be included in the digital certificate 108 such as a subject that corresponds to the customer 102 submitting the request and a validity period for the digital certificate 108. The customer 102 may specify in the configuration information that the certificate authority 104 is to issue a new digital certificate 110 if the digital certificate 108 is utilized at a frequency that surpasses the minimum threshold frequency within the period of time prior to expiration of the digital certificate 108.).
Therefore, it is obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to incorporate the teaching of Levy, with the system and method of Imai, given the benefit of obtaining information usable to determine whether the digital certificate is valid. 
Conclusion
Updated search has yielded the following list of references that are considered pertinent to the claimed invention:
Liu (US 20110154027): A method of renewing a plurality of digital certificates includes receiving, at a first time, a request from a user to renew a first digital certificate and determining an expiration date for the first digital certificate. The method also includes receiving, at a second time, a request from the user to renew a second digital certificate and determining an expiration date for the second digital certificate. The expiration date for the second certificate is later than the expiration date for the first certificate. The method further includes determining a new expiration date occurring after the first time and the second time and renewing the first digital certificate. An expiration date for the renewed first digital certificate is equal to the new expiration date.
Dixon (US 20130238895): A renewed digital certificate is obtained within an asynchronous messaging environment from a certificate server of an issuer of an existing digital certificate to replace the existing digital certificate. The renewed digital certificate includes an extended attribute that stores a serial number value of the existing digital 
Martin (US 20080065880): For use in a distributed system where a client computer is operable to communicate with a server computer and to receive a digital certificate associated with a remote external component, apparatus for securing a communications exchange between computers includes a hasher, responsive to the client computer receiving a digital certificate, for hashing data associated with the client computer and the server computer with data associated with the digital certificate to create a first message digest, and a first transmitter for transmitting the first message digest to the remote external component. 
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANGELA R HOLMES whose telephone number is (571)270-3357.  The examiner can normally be reached on Monday-Friday 8:00AM-4:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/ANGELA R HOLMES/Examiner, Art Unit 2498     

/YIN CHEN SHAW/Supervisory Patent Examiner, Art Unit 2498