DETAILED ACTION
This action is in response to communications filed on February 7th, 2021.
Claims 1, 7-9, and 15 are hereby allowed.  Claims 1, 9, and 15 are currently amended.  Claim 2-6 and 10-14 are currently canceled.  Claim 1, 7-9 and 15 are amended via Examiner’s Amendment below.  
The present application claims priority to European application no. EP18382095.0 filed on February 19th, 2018.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Interpretation
The “network nodes” amended via Examiner’s Amendment below to “network infrastructure nodes” which are being interpreted as being limited to non-transitory devices, as is necessary to be a part of a network infrastructure.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Martin Moynihan on April 21st, 2021.

Claim 1.	(Currently Amended) A system for validating ordered proof of transit of network traffic comprising a plurality of network infrastructure nodes assignable to a path, the path starting from an ingress node and finishing at an egress node, in a network, each network infrastructure node comprising a set of input network infrastructure node within the path, wherein each network infrastructure node is configured 
	
	network infrastructure node and the previous network infrastructure node of the matching route in the path;
	network infrastructure node; and
	
	 if the network infrastructure node is the ingress node, generate proof of transit metadata, which is included in the header of the received packet; and,
	if the network infrastructure node is the egress node, validate if the packet has traversed the path by verifying the proof of transit metadata and, if so, remove all the proof of transit metadata from the header before forwarding the packet via a set of output interfaces (21) provided by the network infrastructure node, otherwise drop the packet; and
-	for any node, update the proof of transit metadata using unique information hosted per each node;
wherein the proof of transit metadata generated by 
network infrastructure node different from the egress node updates the proof of transit metadata by updating the cumulative verification value using unique information, following Shamir’s Secret Sharing scheme; 
and each network infrastructure node different from the egress node network infrastructure node to forward the packet to a subsequent network infrastructure node of the matching route in the path and the storing means (22) of the network infrastructure node are further configured to provide the second private key associated with said network infrastructure node and the subsequent network infrastructure node of the matching route in the path;
wherein, if the order traversing the path is not respected, is used to decrypt the proof of transit metadata, which is different from the second key used by the 

Claim 7. (Currently Amended) The system according to claim 1, wherein the plurality of network infrastructure nodes for validating ordered proof of transit of network traffic is a subset of the full set of network infrastructure nodes from the ingress node to the egress node of the path.

Claim 8.	(Cancelled).

Claim 9.	(Currently Amended) A method for validating ordered proof of transit of network traffic through a path of multiple network infrastructure nodes starting from an ingress node and finishing at an egress node, the method comprising network infrastructure node within the path, characterized by further comprising:
	generating, at the ingress node, proof of transit metadata to be included in the header of the received packet, wherein the generated proof of transit metadata comprises a random polynomial secret and a cumulative verification value;
	identifying a matching route for the received packet with a routing table (23) and identifying proof of transit metadata in the header of the received packet;
	if the matching route for the received packet is identified and, if the identified matching route is associated with proof of transit metadata and proof of transit metadata is identified in the header of the received packet, providing a first private key associated with the network infrastructure node and the previous network infrastructure node of the matching route in the path and decrypting the proof of transit metadata by using the provided first private key;
	checking the cumulative verification value by using Shamir’s Secret Sharing scheme to verify the proof of transit metadata the proof of transit metadata, 
	updating the cumulative verification value by using unique information to update the proof of transit metadata following Shamir’s Secret Sharing scheme, prior to forwarding the packet to the next node in the path;
	updating the cumulative verification value by using unique information to update the proof of transit metadata following Shamir’s Secret Sharing scheme, prior to forwarding the packet to the next node in the path;
	updating the proof of transit metadata by each network infrastructure node;
	re-encrypting the proof of transit metadata at a network infrastructure node which is not the egress node by using a second private key, before forwarding the packet with the header, the header including the re-encrypted proof of transit metadata, from the network infrastructure node to a subsequent network infrastructure node of the matching route in the path;
	validating at the egress node if the packet has traversed the path by verifying the proof of transit metadata and, if so, removing all the proof of transit metadata from the header before forwarding the packet by the egress node, otherwise dropping the packet by the egress node; and


Claim 15.	(Currently Amended) The method according to claim 9, running in at least a subset of nodes from the set of multiple network infrastructure nodes of the path.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:  no prior art was found individually or in combination to teach each and every limitation of independent claims 1 and 9.  Specifically, no prior art was found to teach the features of: identifying proof of transit metadata in the header of a packet, where the proof of transit metadata comprises a random polynomial secret and a cumulative verification value.  And using Shamir’s Secret Sharing Scheme to update the cumulative verification value, in order to ensure that the order traversing the path is respected, or to identify when the order is not respected.  The aforementioned claim limitations, in combination with all the other limitations of the independent claims, are therefor considered allowable.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Puiggali		Pat. Pub.	2012/0144186
Ward		Pat. Pub.	2017/0111209
Robinson	Patent no.	9,703,965
Anand		Pat. Pub.	2019/0014394
Pignataro	Pat. Pub.	2019/0182103
Bhandari	Patent no.	10,582,027
Filsfils		Pat. Pub.	2020/0076727

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BLAKE J RUBIN whose telephone number is (571)270-3802.  The examiner can normally be reached on Monday - Friday, 9am - 5pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ario Etienne can be reached on 571-272-4001.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
4/26/21