DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, final filed on June 24, 2019, is accepted.
Claims 1 – 21 are considered on the merits.

Drawings
The subject matter of this application admits of illustration by a drawing to facilitate understanding of the invention.  Applicant is required to furnish a drawing under 37 CFR 1.81(c).  No new matter may be introduced in the required drawing.  Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d).
 
Specification
The specification, filed on June 24, 2019, is accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 1, 3, 6, 8 – 9, 14 – 15 and 17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 1 and 17 recite the limitation "the validity of a file" in line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the validity of a file” is interpreted as “a validity of a file”.
Claims 1, 8 recite the limitation "said plurality of users" in line 3.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said plurality of users” is interpreted as “said two users”.
Claim 1 recites the limitation "the user" in step (a) line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the user” is interpreted as “a user”.
Claim 1 recites the limitation "said confirmer of the validity" in line 15.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said confirmer of the validity” is interpreted as “said confirming the validity”.
Claim 1 recites the limitation "a pair key" in line 20.  There is a subsequent recitation of “said key pair” that lacks antecedent basis, therefore, the recite“a pair key” is interpreted as “a key pair”.
Claim 1 recites the limitation "the sequential realization" in 3.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the sequential realization” is interpreted as “a sequential realization”.
Claim 3 recites the limitation "said registration in step (f)" in line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said registration in step (f)” is interpreted as “registration in step (f)”.
Claim 6 recites the limitation "said determination in step (b)" in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said determination in step (b)” is interpreted as “a determination in step (d)”.
Claim 6 recites the limitation "the calculation of a hash" in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the calculation of a hash” is interpreted as “a calculation of a hash”.
Claim 9 recites the limitation "said non-encrypted hash" in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said non-encrypted hash” is interpreted as “a non-encrypted hash”.
Claim 14 recites the limitation "the family of Secure-Hash-Algorithms" in lines 2 - 3.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the family of Secure-Hash-Algorithms” is interpreted as “a family of Secure-Hash-Algorithms”.
Claim 15 recites the limitation "said hash as obtained in step (b)" in line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said hash as obtained in step (b)” is interpreted as “said hash as obtained in step (d)”.
Claim 15 recites the limitation "said signed hash" in line 3.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “said signed hash” is interpreted as “a signed hash”.
Claim 17 recites the limitation "a user identity" in line 3. It is considered ambiguous because it recites “a user identity” and the parent defines “a user identity” and therefore it is not clear whether they refer to the same “user identity”. For the purpose of examination, “a user identity” is interpreted as “said user identity”.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 21 is directed towards computer-readable storage medium which is not limited to falling under the statutory classes of invention set forth. These claims in using the term “readable medium,” in accordance with line 6 of pages 21 in Applicants’ Specification, allow for the computer-readable storage medium to be signals. Based on current USPTO Policy, when the computer readable medium is not specifically defined as excluding signals i.e. non-transitory in the Specification the broadest reasonable interpretation is used according to MPEP 2111, thus the computer readable medium may embody signals, i.e. transitory media. The Examiner notes that line 6 only discloses examples of the “readable medium” and does not define the “readable medium” as excluding signals for example non-transitory. Accordingly the Examiner suggests that Applicants amend the claims to add a limitation to direct the language of the ‘readable medium’ claims to only include the non-transitory embodiment which would remove the possibility of claiming signals.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 - 2, 6 - 10, 13 - 17, and 20 - 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 5465299 A to Matsumoto et al., (hereafter, "Matsumoto") in view of US 20160330027 A1 to Ebrahimi.
Regarding claim 1, Matsumoto teaches computer-implemented method for maintaining the validity of a file by two users, that are a receiver and a validating instance, said method comprising the sequential realization of the following set of steps for each of said plurality of users: [Matsumoto, abstract discloses in a terminal which received an electronic document with at least one digital signature, when a user changes the contents of the received electronic document, a new digital signature is produced by enciphering signature data by using a secret key of the user, the signature data including a hash total of the document of a new version, personal information of the user (signatory), and version management information necessary to restore an electronic document of a former version from the electronic document of the new version. The new digital signature and the new version electronic document version are transmitted together with the received digital signature to a next person on a document circulating route] (a) providing said file to the user; [Masumoto, col. 3 lines 23 – 28 discloses the digital signature is made to correspond to the electronic document of the new version together with the digital signatures of the other signatories added to the electronic document of the former version which was received from the network and is transmitted to the next person of the document circulating route.]
 (c) confirming a validity of said publisher-related file signature; [Masumoto, col. 3 lines 39 – 46 discloses the relation between the digital signature and the electronic document is checked by a method whereby signature data is obtained by deciphering each digital signature by the public key of the signatory and the hash total of the document data extracted from the signature data is compared with the hash total of the document data obtained by performing the hash total process to the electronic document of the current version. col. 10 lines 27 - 30 discloses a procedure for verification of the validity of the digital signature which is executed in the terminal device 108 which received the document data accompanied with the above version management table 412] (d) determining an identification string belonging to said file based on said file and/or optionally based on said publisher-related file signature; [Masumoto, col. 8 lines 22 – 28 discloses If the return value is equal to "0", it means that all of the signatures added to the document data are legal. In this case, a message indicating that the signatures are legal is displayed on the display and the user is allowed to input persona information such as a name and the like and, after that, the input of the additional data to the document is permitted (step 306)] (e) establishing a renewed file signature based on at least both said identification string belonging to said file and a private key belonging to the user; [Masumoto, col. 8 lines 32 – 47 discloses a hash total process is executed to the document data and a hash total h of the document data is produced. The personal information inputted in step 306 is now substituted for a variable P (step 309). The number i of the data additional subregion is substituted for a variable T (step 310) and signature data S is formed (step 311). The signature data is expressed by S = (h | P | T). Symbol "|" denotes the coupling of the data. An encipher process using the secret key of the signatory is executed to the signature data S (step 312) and a digital signature is produced. In step 313, a communication message is edited so as to include the document data 105 which was updated this time, the digital signatures 113A to 113(n-1) of the other users, and a new signature 113n which was formed this time and is transmitted to the next circulating person] in which said publisher-related file signature comprises a publisher identity belonging to a publisher; [Masumoto, col. 3 lines 13 – 16 discloses a digital signature of a user (signatory) is produced by using signature data including a hash total of a document formed by performing a hash total process to the electronic document of a new version, personal information of the user (signatory), and version management information which is necessary to restore the electronic document of the previous version from the electronic document of the new version] in which said publisher is different of each of said two users; [Masumoto, col. 6 lines 9 – 16 discloses a procedure that document data 101, which was formed by the user (signatory) A at the terminal 10A and to which a digital signature 113A of the user A and a digital signature 113B of the next user B have already been added, is received by the user C of the terminal 10C and the contents of the document are partially changed and, after that, a digital signature 113C of the user C is added to the resultant document data] in which said confirmer of the validity in step (c) comprises determining the validity of said publisher identity; [Masumoto, col. 10 lines 27 - 30 discloses a procedure for verification of the validity of the digital signature which is executed in the terminal device 108 which received the document data accompanied with the above version management table 412] in which said establishing in step (e) comprises encrypting said identification string by means of said private key belonging to a pair key belonging to said user for obtaining a signed identification string, said key pair comprising said private key and a public key; in which said renewed file signature 3comprises said signed identification string; [Masumoto, col. 8 lines 32 – 47 discloses a hash total process is executed to the document data and a hash total h of the document data is produced. The personal information inputted in step 306 is now substituted for a variable P (step 309). The number i of the data additional subregion is substituted for a variable T (step 310) and signature data S is formed (step 311). The signature data is expressed by S = (h | P | T). Symbol "|" denotes the coupling of the data. An encipher process using the secret key of the signatory is executed to the signature data S (step 312) and a digital signature is produced. In step 313, a communication message is edited so as to include the document data 105 which was updated this time, the digital signatures 113A to 113(n-1) of the other users, and a new signature 113n which was formed this time and is transmitted to the next circulating person. Col. 3 lines 20 – 22 discloses for example, the above digital signature is obtained by enciphering the signature data by using a secret key allocated to each user in the public key cryptosystem] and in which said maintaining is done as soon as step (f) has been carried out for each user, [Masumoto, col. 8 lines 9 – 12 discloses when the document data (communication message) to which (n-1) signatures were added until the former circulating person is received (step 302), the document data is displayed on the display (step 303). A signature verifying processing routine, which will be explained in detail in FIG. 5, is executed (step 304). The result of the verification in the above signature verifying processing routine is shown by a return value of a parameter] but Masumoto does not teach (b) searching a publisher-related file signature in a blockchain, said publisher-related file signature belonging to said file; (f) registering said renewed file signature in said blockchain; in which said renewed file signature at least allows to identify said file in a unique way with respect to the blockchain, in which said renewed file signature comprises a user identity for finding said public key.
	However, Ebrahimi does teach (b) searching a publisher-related file signature in a blockchain, said publisher-related file signature belonging to said file; [Ebrahimi, para. 25 discloses the user accessible interface 126 might be used by the user to transmit the digitally signed hash value and the public key to a public storage facility 128 via a line 130, and receive back from the public storage facility 128 a transaction number 132 corresponding to the transmitted hash value and public key. Para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database. The public storage facility 128 is connected to a communication link via a line and can be adapted to communicate over a public computer network, the internet, an intranet, an extranet, or any private communication network.] (f) registering said renewed file signature in said blockchain; [Ebrahimi, para. 33 discloses the input data might be hashed and the resulting hash value might be signed with a digital signature, created using a private key paired with a public key, before transmission, optionally along with the public key, from the input device (e.g., a user's smartphone) 112 to the public storage facility 128 for storage. The user accessible interface 126 is thus adapted to “seal” the signed hash value and the public key in the public storage facility 128. Para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database.] in which said renewed file signature at least allows to identify said file in a unique way with respect to the blockchain. [Ebrahimi, para. 34 discloses a simplified block diagram for a certification method for managing the identity of a user in a public storage facility 228. By way of example, an identification card 202 may be used. In other embodiments, other forms of identification, which may be digital or non-digital may be used. In the example of the identification card 202, personal data 204 is contained thereon, which identifies the user. The input data can include a photo 206 of the user; the user's name, address and driver license number 208, and/or a bar code 210 or similar computer code for storing, scanning and/or retrieving additional data. Such coding can include PDF417 codes, QR codes, and other such codes. Para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database.] in which said renewed file signature comprises a user identity for finding said public key. [Ebrahimi, para. 62 discloses the verifier uses the transaction number to retrieve the signed acknowledgement record and, optionally, the user's public key from public storage facility 328]
	Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to hash the personal data using the hashing algorithm to create a generated hash value, verify that the hash value in the retrieved signed hash value is the same as the generated hash value, and verify that the retrieved signed hash value was signed with the first private key. [Ebrahimi, para. 6]

As per claim 2, modified Masumoto teaches method of claim 1, wherein said sequential realization of said set of steps for a first of said two users constitutes a trigger for sequentially carrying out said set of steps for a second of said two users.  [Masumoto, col. 6 lines 17 -24 discloses the document 101 which is sequentially circulated to a plurality of users comprises: a fixed data area 102 in which the change of the contents is not permitted; and an additional data area 103 into which data is added at the terminal on the circulating destination side. The fixed data area 102 includes the document data presented by the document drafter A who makes the signatures for the first time. Col. 6 lines 27 – 35 discloses the second and subsequent signatories write proper data into the additional data area 103 which has previously been defined in the received document 101, so that the document is sequentially circulated while increasing an information amount. In the example shown here, the additional data area 103 of the document 101 is divided into three subregions, there is shown a state in which the former signatory B added the data into the first subregion, and the signatory C adds the data into the second subregion.]

As per claim 6, modified Masumoto teaches method of claim 1, wherein said determination in step (b) comprises the calculation of a hash from said file by means of a cryptographic hash function, in which said identification string is determined based on at least said hash. [Masumoto, col. 8 lines 32 – 47 discloses a hash total process is executed to the document data and a hash total h of the document data is produced. The personal information inputted in step 306 is now substituted for a variable P (step 309). The number i of the data additional subregion is substituted for a variable T (step 310) and signature data S is formed (step 311). The signature data is expressed by S = (h | P | T). Symbol "|" denotes the coupling of the data. An encipher process using the secret key of the signatory is executed to the signature data S (step 312) and a digital signature is produced. In step 313, a communication message is edited so as to include the document data 105 which was updated this time, the digital signatures 113A to 113(n-1) of the other users, and a new signature 113n which was formed this time and is transmitted to the next circulating person]

Regarding claim 7, modified Masumoto teaches method of claim 1, but Masumoto does not teach wherein said blockchain is publicly accessible.  
However, Ebrahimi does teach wherein said blockchain is publicly accessible. [Ebrahimi, para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database. The public storage facility 128 is connected to a communication link via a line and can be adapted to communicate over a public computer network, the internet, an intranet, an extranet, or any private communication network. Broadly speaking, the public storage facility 128 is accessible by any device that has an Internet connection over a network. A block chain, as is known in the art, is a system that enables users' access to securely store data in a public place.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

Regarding claim 8, modified Masumoto teaches method of claim 1, but Masumoto does not teach wherein said blockchain is the same for each of said plurality of users.  
However, Ebrahimi does teach wherein said blockchain is the same for each of said plurality of users. [Ebrahimi, para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database. The public storage facility 128 is connected to a communication link via a line and can be adapted to communicate over a public computer network, the internet, an intranet, an extranet, or any private communication network. Broadly speaking, the public storage facility 128 is accessible by any device that has an Internet connection over a network. A block chain, as is known in the art, is a system that enables users' access to securely store data in a public place.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

As per claim 9, modified Masumoto teaches method of claim 6, wherein said file signatures comprises said non-encrypted hash as obtained in step (d). [Masumoto, col. 6 lines 50 – 60 discloses the signatory C executes a hash total process 106 to the updated document data 105 by using the hash function 1213 to produce a hash total 109 of the document data. The hash total 109 constructs signature data 107 together with personal information 110 such as a name and the like of the signatory C and the subregion number 108. By executing an encipher process 112 to the signature data 107 by using a secret key 111 peculiar to the signatory C, the digital signature 113C indicating that the signatory C approved the document data 105 is produced]

As per claim 10, modified Masumoto teaches method of claim 1, but Masumoto does not teach wherein said file comprises a document-ID-pair comprising a first document-ID and a second document-ID, in which the identification string determined in step (d) comprises said document-ID-pair, in which said document-ID-pair is unique with respect to the blockchain.
However, Ebrahimi does teach wherein said file comprises a document-ID-pair comprising a first document-ID and a second document-ID, in which the identification string determined in step (d) comprises said document-ID-pair, in which said document-ID-pair is unique with respect to the blockchain. [Ebrahimi, para. 62 discloses Once the verifier receives the acknowledgement record and the transaction number for the signed acknowledgement record, the verifier might use the process shown in FIG. 3B to verify the acknowledgement record and its underlying certification record. In operation 1, the verifier uses the transaction number to retrieve the signed acknowledgement record and, optionally, the user's public key from public storage facility 328. Then, in operation 2, the verifier hashes the acknowledgement record with the same hashing algorithm that was used by the user and verifies the acknowledgement record and the user's signature, using a verification algorithm as discussed in detail above. If the verification is successful, the verifier uses the transaction number for the signed certification record to retrieve the signed certification record and the certifier's public key from public storage facility 328, in operation 3. Then, in operation 4, the verifier hashes the certification record with the same hashing algorithm that was used by the certifier and verifies the certification record and the certifier's signature, using a verification algorithm as discussed in detail above. If this verification is also successful, the verifier might create another certification record as discussed above and transmit it to public storage facility 328, receiving, in response, another transaction number, which might be transmitted along with the verifier's certification record to the user for another acknowledgement record]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

As per claim 13, modified Masumoto teaches method of claim 1, but Masumoto does not teach wherein said blockchain overlaps at least partially with the technology of the bitcoin blockchain.
However, Ebrahimi does teach wherein said blockchain overlaps at least partially with the technology of the bitcoin blockchain. [Ebrahimi, para. 26 discloses the public storage facility 128 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database. The public storage facility 128 is connected to a communication link via a line and can be adapted to communicate over a public computer network, the internet, an intranet, an extranet, or any private communication network. Broadly speaking, the public storage facility 128 is accessible by any device that has an Internet connection over a network. A block chain, as is known in the art, is a system that enables users' access to securely store data in a public place.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

As per claim 14, modified Masumoto teaches method of claim 6, but Masumoto does not teach wherein said cryptographic hash function belongs to the family of Secure- Hash-Algorithms (SHA).  
However, Ebrahimi does teach wherein said cryptographic hash function belongs to the family of Secure- Hash-Algorithms (SHA). [Ebrahimi, para. 24 discloses the hash value is sometimes referred to as “hash data,” that is generated by an algorithm. In an example embodiment, hashing logic 120 might be software, firmware, hardware, or any combination thereof, and consist of one or more hashing algorithms, e.g., a Secure Hash Algorithm (SHA) algorithm. Hashing logic 120 passes the hash value to digital-signature logic 121, which performs a digital signature on the hash value, using the private key on the input device 112]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

As per claim 15, modified Masumoto teaches method of claim 6, wherein said file signature comprises a supplementary hash that is different from said hash as obtained in step (b) and different from said signed hash. [Masumoto, col. 2 lines 13 – 24 discloses the validities of the digital signatures 1306a and 1306b in the terminal 10C are verified in the following manner. First, the signature data 1303a and 1303b are obtained by executing decipher processes 1308a and 1308b using public keys 1307a and 1307b of the signatories A and B to the digital signatures 1306a and 1306b, respectively. After that, the hash total of the received document 1301 is produced by using the predetermined hash function 1302c same as the hash functions 1302a and 1302b and is compared with hash totals of the documents included in the signature data 1303a and 1303b (check functions 1309a and 1309b). (Examiner notes that the hash would be different even if they use the same hash function since each signatory uses their own public key within the calculation i.e. Fig 14.)]

As per claim 16, modified Masumoto Method of claim 1, wherein said file signature comprises one or more signing-specific characteristics such as a status with respect to said file and/or said file signature. [Masumoto, col. 3 lines 10 – 20 discloses an electronic document which was received from a network and has at least one digital signature which had already been given by another signatory, a digital signature of a user (signatory) is produced by using signature data including a hash total of a document formed by performing a hash total process to the electronic document of a new version, personal information of the user (signatory), and version management information which is necessary to restore the electronic document of the previous version from the electronic document of the new version]

As per claim 17, modified Masumoto teaches system for maintaining the validity of a file by a plurality of users, said system comprising a plurality of mutually linked devices belonging to said plurality of users, each of the devices comprising a processor, tangible non-volatile memory, instructions in said memory for controlling said processor, a client application, in which for each device, the client application is configured for carrying out a method of claim 1, [Masumoto, col. 7 lines 63 – 67 to col. 8 lines 1 – 2 discloses by repeating the checks of the digital signatures in accordance with the order from the last signatory and the document data restore process of the former version based on the data additional subregion number, the validities of the digital signatures with respect to all of the signatories can be verified. Col. 5 lines 36 – 46 discloses terminal devices which are mutually connected by a communication network 12. As will be explained hereinlater, each terminal 10 has a function to form a document, a function to form and verify a digital signature, and a function to communicate with another terminal. Explanation will now be made of the assumption that electronic document data (hereinafter, simply referred to as document data) with at least one digital signature is transmitted from one terminal to another terminal through the communication network 12 along a circulating route of the document which has previously been designated. Col. 5 lines 51 – 58 discloses the terminal 10 includes: a display 1217; a keyboard 1218; a memory 1205 to store various kinds of programs; a data memory 1206 to store data that has previously been registered; a work memory 1207 to temporarily store data generated during execution of the program; a CPU (central processing unit) 1208; a communication control 1209; and an I/O control 1210], but Masumoto does not teach in which a user identity for retrieving the public key for at least one of the users is linked one-to-one to the client application on the device belonging to said user. 
However, Ebrahimi does teach in which a user identity for retrieving the public key for at least one of the users is linked one-to-one to the client application on the device belonging to said user. [Ebrahimi, para. 25 discloses the digital-signature logic 121 then passes the signed hash value and the public key to a user accessible interface 126 (e.g., a graphical user interface or GUI), which might be other software running on the input device 112. In an example embodiment, the user accessible interface 126 might be part of an application or app that includes encryption logic 118, hashing logic 120, and digital-signature logic 121, and/or other modules or code. The user accessible interface 126 might be used by the user to transmit the digitally signed hash value and the public key to a public storage facility 128 via a line 130, and receive back from the public storage facility 128 a transaction number 132 corresponding to the transmitted hash value and public key. Para. 28 discloses user accessible interface 126 (e.g., a GUI) can be controllable by the user of the input device 112 to encrypt and provide the transaction number 132, the input data, and, optionally, the public key of the user, to an input device 142 (e.g., a smartphone) of a third party (e.g., a financial institution or other entity engaging in a commercial, private transaction, or other transaction with the user) to, for example, establish the identity of the user]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Ebrahimi’s system with Masumoto’s system, with a motivation to write data to the block chain and a block chain transaction is created, that transaction remains intact, and can be verified in the future. [Ebrahimi, para. 26]

As per claim 20, modified Masumoto teaches use of the system of claim 17.  [Masumoto, col. 7 lines 63 – 67 to col. 8 lines 1 – 2 discloses by repeating the checks of the digital signatures in accordance with the order from the last signatory and the document data restore process of the former version based on the data additional subregion number, the validities of the digital signatures with respect to all of the signatories can be verified. Col. 5 lines 36 – 46 discloses terminal devices which are mutually connected by a communication network 12. As will be explained hereinlater, each terminal 10 has a function to form a document, a function to form and verify a digital signature, and a function to communicate with another terminal. Explanation will now be made of the assumption that electronic document data (hereinafter, simply referred to as document data) with at least one digital signature is transmitted from one terminal to another terminal through the communication network 12 along a circulating route of the document which has previously been designated. Col. 5 lines 51 – 58 discloses the terminal 10 includes: a display 1217; a keyboard 1218; a memory 1205 to store various kinds of programs; a data memory 1206 to store data that has previously been registered; a work memory 1207 to temporarily store data generated during execution of the program; a CPU (central processing unit) 1208; a communication control 1209; and an I/O control 1210]

As per claim 21, modified Masumoto teaches computer program for carrying out a computer-implemented method for maintaining the validity of a file by a plurality of users of claim 1, which computer program product comprises at least one readable medium in which computer-readable program code portions are saved, which program code portions comprise instructions for carrying out said method. [Masumoto, col. 7 lines 63 – 67 to col. 8 lines 1 – 2 discloses by repeating the checks of the digital signatures in accordance with the order from the last signatory and the document data restore process of the former version based on the data additional subregion number, the validities of the digital signatures with respect to all of the signatories can be verified. Col. 5 lines 36 – 46 discloses terminal devices which are mutually connected by a communication network 12. As will be explained hereinlater, each terminal 10 has a function to form a document, a function to form and verify a digital signature, and a function to communicate with another terminal. Explanation will now be made of the assumption that electronic document data (hereinafter, simply referred to as document data) with at least one digital signature is transmitted from one terminal to another terminal through the communication network 12 along a circulating route of the document which has previously been designated. Col. 5 lines 51 – 58 discloses the terminal 10 includes: a display 1217; a keyboard 1218; a memory 1205 to store various kinds of programs; a data memory 1206 to store data that has previously been registered; a work memory 1207 to temporarily store data generated during execution of the program; a CPU (central processing unit) 1208; a communication control 1209; and an I/O control 1210]

Claims 3 – 4 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over US 5465299 A to Matsumoto et al., (hereafter, "Matsumoto") in view of US 20160330027 A1 to Ebrahimi in further view of US 10530586 B2 to Meriac et al., (hereafter, “Meriac”).
Regarding claim 3, modified Masumoto teaches method of claim 2, but modified Masumoto does not teach wherein said registration in step (f) is realized provided that said user identity belonging to said user and said user identity belonging to said validating instance, belong to a plurality of user identities that have been registered in a web-of-trust and/or a Certificate Authority
However, Meriac does teach wherein said registration in step (f) is realized provided that said user identity belonging to said user and said user identity belonging to said validating instance, belong to a plurality of user identities that have been registered in a web-of-trust and/or a Certificate Authority [Meriac, col. 8 lines 17 – 26 discloses generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Meriac’s system with modified Masumoto’s system, with a motivation to authenticate the digital certificate of the issuing certification authority by validating each certification authority in a chain of parent certification. [Meriac, col. 8 lines 29 - 31]

As per claim 4, modified Masumoto teaches method of claim 3, wherein said registration in step (f) is realized further provided that said user identity belonging to said validating instance meet the additional criterion as to reliability.  [Masumoto, col. 8 lines 12 – 21 discloses a signature verifying processing routine is executed (step 304). The result of the verification in the above signature verifying processing routine is shown by a return value of a parameter. The return value of the parameter is checked (step 305). If the return value is equal to "1", it means that there is an illegal alteration. In this case, a message indicating that the document data or signature is invalid is displayed on the display and the program is finished (step 314). Col. 8 lines 22 – 28 discloses if the return value is equal to "0", it means that all of the signatures added to the document data are legal. In this case, a message indicating that the signatures are legal is displayed on the display and the user is allowed to input persona information such as a name and the like and, after that, the input of the additional data to the document is permitted (step 306).]

As per claim 12, modified Masumoto teaches method of claim 3, but modified Masumoto does not teach wherein a replacement of said key pair belonging to said user by a new key pair belonging to the same said user comprises a registration on said web-of-trust and/or said Certificate Authority. 
However, Meriac does teach wherein a replacement of said key pair belonging to said user by a new key pair belonging to the same said user comprises a registration on said web-of-trust and/or said Certificate Authority. [Meriac, col. 8 lines 17 – 26 discloses generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Meriac’s system with modified Masumoto’s system, with a motivation to authenticate the digital certificate of the issuing certification authority by validating each certification authority in a chain of parent certification. [Meriac, col. 8 lines 29 -31]

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over US 5465299 A to Matsumoto et al., (hereafter, "Matsumoto") in view of US 20160330027 A1 to Ebrahimi in further view of US 20180101848 A1 to Castagna et al., (hereafter, “Castagna”).
Regarding claim 5, modified Matsumoto teaches method of claim 1, but modified Matsumoto does not teach wherein said file is a PDF-based document, preferably a PDF document (Portable Document Format).  
However, Castagna does teach wherein said file is a PDF-based document, preferably a PDF document (Portable Document Format).  [Castagna, para. 59 discloses the electronic documents may exist on the blockchain in numerous file formats, including, but not limited to plaintext, PDF, word processing formats, HTML, and the like. In this way, the individual or entity may securely store on the blockchain all records relevant to service providers, then provide the service providers with secured access to said records such that the providers may access only the specific records for which they are authorized, e.g. a healthcare provider may access only the healthcare records on the blockchain.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Castagna’s system with modified Masumoto’s system, with a motivation to solve the computer-centric challenge of providing authorized access of records to service providers, utilize the blockchain to store relevant records reduces the number of back-and-forth queries that must be made between the computer servers owned by individual or entity and the service provider, thereby increasing the processing efficiency, and store relevant records on a blockchain provides a reliable and convenient way to store a complete history of all records relevant to receiving a service (e.g. an entire medical history), in contrast to traditional methods, in a loss of records (e.g. due to server instability, user error, etc.) may result in gaps in the record history. [Castagna, para. 59]

Claims 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 5465299 A to Matsumoto et al., (hereafter, "Matsumoto") in view of US 20160330027 A1 to Ebrahimi in further view of US 20170126642 A1 to Basin.
Regarding claim 11, modified Masumoto teaches method of claim 1, but modified Masumoto does not teach wherein said private key is saved on a hardware security module (HSM) and/or smart card and/or USB token.
However, Basin does teach wherein said private key is saved on a hardware security module (HSM) and/or smart card and/or USB token. [Basin, para. 280 discloses storing a digital certificate and an associated private key for a user onto a portable certificate storage device that may be carried by a user and used on various computing devices. To use a portable certificate storage device on a computing device, a user may plug the portable certificate storage device into a device receiver on the computing device. The device receiver may provide access to the portable certificate storage device from the computing device. Examples of portable certificate storage devices include a Smart Card and a USB (Universal Serial Bus) Token, for example. Para. 403 discloses an encryption application may obtain from a Key Provider Record a label identifying a private key located on an HSM.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Basin’s system with modified Masumoto’s system, with a motivation to use a wider range of encryption methods instead of supporting only a single encryption method, use advanced public/private keys provides a significantly higher level of security to computer users, and supports using packaged, or readily available encryption algorithms to provide state-of-the-art security. [Basin, para. 249]

Regarding claim 18, modified Masumoto teaches system of claim 17, but modified Masumoto does not teach wherein at least one of said plurality of devices comprises a hardware security module and/or smart card and/or USB token. 
However, Basin does teach wherein at least one of said plurality of devices comprises a hardware security module and/or smart card and/or USB token. [Basin, para. 280 discloses storing a digital certificate and an associated private key for a user onto a portable certificate storage device that may be carried by a user and used on various computing devices. To use a portable certificate storage device on a computing device, a user may plug the portable certificate storage device into a device receiver on the computing device. The device receiver may provide access to the portable certificate storage device from the computing device. Examples of portable certificate storage devices include a Smart Card and a USB (Universal Serial Bus) Token, for example. Para. 403 discloses an encryption application may obtain from a Key Provider Record a label identifying a private key located on an HSM.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Basin’s system with modified Masumoto’s system, with a motivation to use a wider range of encryption methods instead of supporting only a single encryption method, use advanced public/private keys provides a significantly higher level of security to computer users, and supports using packaged, or readily available encryption algorithms to provide state-of-the-art security. [Basin, para. 249]

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over US 5465299 A to Matsumoto et al., (hereafter, "Matsumoto") in view of US 20160330027 A1 to Ebrahimi in further view of US 20180083771 A1 to Bonnell and in further view of US 10530586 B2 to Meriac et al., (hereafter, “Meriac”).
Regarding claim 19, modified Masumoto teaches system of claim 17, but modified Masumoto does not teach wherein a registration of a file signature in a blockchain takes place provided that said user identity belongs to a plurality of user identities that have been registered in a web-of-trust and/or with a Certificate Authority; and that the fact that the user identity linked to the client application is compromised, leads to the removal of said compromised user identity from said plurality of user identities that have been registered in said web-of-trust and/or with said Certificate Authority.  
However, Bonnell does teach wherein a registration of a file signature in a blockchain takes place provided that said user identity belongs to a plurality of user identities that have been registered in a web-of-trust and/or with a Certificate Authority; [Bonnell, para. 48 teaches the Certificate Authority 125 may issue a digital certificate 128 to the operator, or verifier, of the trust architecture, which will identify the public key 137 related to the private key 138 used by the verifier. User account 114 will use the private key 132 related to the service to digitally sign 129 the related transaction. The trust architecture verifier uses its private key 138 to sign the user's signature 129 to create a special digital token 139. The token 139 is used to create a record for the user for inclusion in a block chain 140, as described below. Also in some aspects, the block chain 140 may be implemented as a distributed ledger. In some aspects, the system 100 may provide configuration setting that enables the special digital token 139 be sent to one or more specified block chains, to ensure proper registration due to subject matter.], but modified Masumoto in view of Bonnell does not teach that the fact that the user identity linked to the client application is compromised, leads to the removal of said compromised user identity from said plurality of user identities that have been registered in said web-of-trust and/or with said Certificate Authority. 
However, Meriac does teach that the fact that the user identity linked to the client application is compromised, leads to the removal of said compromised user identity from said plurality of user identities that have been registered in said web-of-trust and/or with said Certificate Authority. [Meriac, col. 2 lines 18 – 26 discloses the certification authority also provides a place to notify users when the digital certificate becomes invalid and is revoked. Revocation may occur if the user has left the employment of a company or loses control of the corresponding private key because of theft or being compromised in some way. When a certification authority is informed that the certificate 100 is no longer trusted for some reason, the certification authority revokes the digital certificate 100 by placing it on a Certificate Revocation List]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bonnell’s system and Meriac’s system with modified Masumoto’s system, with a motivation to enable items created by a user to become publicly available in a manner that is authenticated and irreversible [Bonnell, para. 49] and check a central revocation list for serial number to ensure the digital certificate 402 has not been revoked. [Meriac, col. 3 lines 15 – 16]
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893.  The examiner can normally be reached on Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 or 571-272-1000.
/P.P./Patent Examiner, Art Unit 2434
       
/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434