DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.

Drawings
The drawings were received on 5/14/20.  These drawings are acceptable.

Priority
Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d).

  

Examiner Note
Claims 1-6 are presented for examination. The end of claim 6 is properly terminated with a period. On the applicant’s submission, page 72, which contains the claims, text following claims 1-6 appears. The examiner has considered this a typographical error with the form submission and is not considering the language after the last claim (Claim 6) to be part of the claimed invention. Examiner attempted to contact the applicant to bring this to their attention; however, there is no attorney of record listed.


Allowable Subject Matter
Claims 1-6 are allowed.
The following is an examiner’s statement of reasons for allowance: 

Claims 1-6 are allowable over prior art since the prior art taken individually or in combination fails to particularly disclose, fairly suggest, or render obvious the following limitations:

In claim 1, … the intermediate computer configured to forward the first encrypted payload to the second computer using the encapsulation protocol, wherein the intermediate computer does not have the first encryption key; the intermediate computer configured to receive from the second computer a second message containing a second encrypted payload and a single field containing the first unique identity, the second encrypted payload encrypted with a second encryption key derived from the key exchange protocol and the second message being encapsulated with the encapsulation protocol; the intermediate computer configured to use the first unique identity and the first mapping to find the address of the first computer; the intermediate computer configured to forward the second encrypted payload to the first computer using the encapsulation protocol, wherein the intermediate computer does not have the second encryption key; and the intermediate computer configured to perform a retransmission protocol to prevent dropped messages between the first computer and the intermediate computer.…in combination with other limitations recited as specified in Claim 1.

The first closest prior art of record is Kunzinger et al (Pub No: 2002/0091921), herein Kunzinger. Kunzinger teaches a method for end to end data sending via an intermediate gateway and a hash value of IPSec used in a packet and tables to route the packet to its destination. Kunzinger et al does not teach the intermediate computer configured to forward the first encrypted payload to the second computer using the encapsulation protocol, wherein the intermediate computer does not have the first encryption key; the intermediate computer configured to receive from the second computer a second message containing a second encrypted payload and a single field containing the first unique identity, the second encrypted payload encrypted with a second encryption key derived from the key exchange protocol and the second message being encapsulated with the encapsulation protocol; the intermediate computer configured to use the first unique identity and the first mapping to find the address of the first computer; the intermediate computer configured to forward the second encrypted payload to the first computer using the encapsulation protocol, wherein the intermediate computer does not have the second encryption key; and the intermediate computer configured to perform a retransmission protocol to prevent dropped messages between the first computer and the intermediate computer.

The second closest prior art of record is Gunter et al (Patent: 7,055,027), herein Gunter.  Gunter discloses a system for forming of a connection without a firewall present. When a connection has been formed, a device in an internal network sends the keys to a firewall so the firewall can follow the connection. Gunter fails to teach the intermediate computer configured to forward the first encrypted payload to the second computer using the encapsulation protocol, wherein the intermediate computer does not have the first encryption key; the intermediate computer configured to receive from the second computer a second message containing a second encrypted payload and a single field containing the first unique identity, the second encrypted payload encrypted with a second encryption key derived from the key exchange protocol and the second message being encapsulated with the encapsulation protocol; the intermediate computer configured to use the first unique identity and the first mapping to find the address of the first computer; the intermediate computer configured to forward the second encrypted payload to the first computer using the encapsulation protocol, wherein the intermediate computer does not have the second encryption key; and the intermediate computer configured to perform a retransmission protocol to prevent dropped messages between the first computer and the intermediate computer.
the intermediate computer configured to forward the first encrypted payload to the second computer using the encapsulation protocol, wherein the intermediate computer does not have the first encryption key; the intermediate computer configured to receive from the second computer a second message containing a second encrypted payload and a single field containing the first unique identity, the second encrypted payload encrypted with a second encryption key derived from the key exchange protocol and the second message being encapsulated with the encapsulation protocol; the intermediate computer configured to use the first unique identity and the first mapping to find the address of the first computer; the intermediate computer configured to forward the second encrypted payload to the first computer using the encapsulation protocol, wherein the intermediate computer does not have the second encryption key; and the intermediate computer configured to perform a retransmission protocol to prevent dropped messages between the first computer and the intermediate computer.
The fourth closest prior art of record is Grabelsky et al (Patent: 7,032,242), herein Grabelsky.  Grabelsky discloses a system for allowing IPSec (encryption/encapsulation) to be used with distributed network address translation, by mapping a local address (IP) to a SPI associated with an IPSec packet from a network device. Grabelsky fails to teach the intermediate computer configured to forward the first encrypted payload to the second computer using the encapsulation protocol, wherein the intermediate computer does not have the first encryption key; the intermediate computer configured to receive from the second computer a second message containing a second encrypted payload and a single field containing the first unique identity, the second encrypted payload encrypted with a second encryption key derived from the key exchange protocol and the second message being encapsulated with the encapsulation protocol; the intermediate computer configured to use the first unique identity and the first mapping to find the address of the first computer; the intermediate computer configured to forward the second encrypted payload to the first computer using the encapsulation protocol, wherein the intermediate computer does not have the second encryption key; and the intermediate computer configured to perform a retransmission protocol to prevent dropped messages between the first computer and the intermediate computer.


These reasons, in conjunction with the other limitations of the independent claims, put this case in condition for allowance.

Additional reasons for allowance can be found in the Notice of Allowance for parent application 10/500,930 dated 1/12/12 and 13/685,544 dated 10/21/13.


Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Ellington et al (Patent No: 6,708,218)
Carrico et al (Pub No: 2003/0135616)
Grewal et al (Pub No: 2003/005328)
Patel et al (Pub No: 2002/0004900)
Kubota et al (Pub No: 2002/0010799)

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFSHAWN M TOWFIGHI whose telephone number is (571)270-7296.  The examiner can normally be reached on M-F 8:00 AM -5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ian N Moore can be reached on 571-272-3085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/AFSHAWN M TOWFIGHI/Primary Examiner, Art Unit 2469