499Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1 and 7 is/are rejected under 35 U.S.C. 102(a)(2) as being antedated by United States Patent Application Publication No.: US 2018/0324153 A1 (ALTHOUSE et al.).

As Per Claim 1: ALTHOUSE et al. teaches: A system for providing network data processing, comprising:

- a processor operating one of more algorithms that are configured to interface with one or more clients to receive a client hello data message;
	(ALTHOUSE et al., Paragraph [0017], “FIG. 1A shows a block diagram of an example of an environment 10 in which an on-demand database service can be used in accordance with some implementations. The environment 10 includes user systems 12, a network 14, a database system 16 (also referred to herein as a "cloud-based system"), a processor system 17, an application platform 18, a network interface 20, tenant database 22 for storing tenant data 23, system database 24 for storing system data 25, program code 26 for implementing various functions of the system 16, and process space 28 for executing database system processes and tenant-specific processes, such as running applications as part of an application hosting service. In some other implementations, environment 10 may not have all of these components or systems, or may have other components or systems instead of, or in addition to, those listed above.”).
	(ALTHOUSE et al., Paragraph [0009], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) client hello packet.”).

- a transport layer security extension extraction system operating on the processor and configured to extract an extension from the client hello data message; and
- a transport layer security extension identification system operating on the processor and configured to process the extension from the client hello data message and to identify a data networking session using the extension. 
	(ALTHOUSE et al., Paragraph [0051], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) or SSL client hello packet. The first step calls for monitoring packet data traffic over a network, step 302. Various tools such as Bro are known for this function. Another option may be Wireshark, a network packet analyzer. Next is detecting a client hello packet CHP received from a client seeking to begin a session, step 304. The client hello packet is sent in clear text to the server as the session is not yet encrypted. Indeed, much of the client hello packet is information needed to agree on encryption protocols to be used. The process then extracts selected data from the CHP at step 306. Specific examples are given below. At step 308, the method processes the extracted data to form a client ID string. Next, the client ID string is mapped to form a client fingerprint. Because of the wide variety of the information extracted from the CHP, from one client to another, the resulting client ID string, and the correspond fingerprint, will be unique for all practical purposes. In some embodiments, the mapping of step 310 may apply a hash function to the client ID to form the client fingerprint. In one embodiment, the hash function may return a fingerprint (a string of characters) 32 characters long. This length is not critical, but it is advantageous as it is easy to use in a variety of software tools. Finally, the fingerprint may be logged in a database. Post investigation of the database can be conducted, i.e. analysis to look for patterns that could reveal suspicious traffic, leveraging the client fingerprints as reliable, unique identifiers.”).

	1. Protocol Version: The version of the SSL protocol by which the client wishes to communicate during this session.
	2. Session ID: The ID of a session the client wishes to use for this connection.
	3. Cipher Suite: This is passed from the client to the server in the Client Hello message. It contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (first choice first). Each cipher suite defines both a key exchange algorithm and a cipher specification. The server selects at least one of the cipher suites or, if no acceptable choices are presented, returns a handshake failure alert and closes the connection.
	4. Compression Method: Includes a list of compression algorithms supported by the client. If the server does not support any method sent by the client, the connection fails. The compression method can also be null.
	5. Extensions. A variety of extensions can be used to add functionality to TLS. See RFC 4366. In an example, the supported elliptical curves discussed below may be implemented as a TLS extension. Other extensions, for example, SessionTicket's and renegotiation, may be used as described herein, and combined with other selected data in forming the client fingerprint.”).

As Per Claim 7: Claim 7 is substantially a restatement of the system of claim 1 as a method and is rejected under substantially the same reasoning.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-6 and 8-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No.: US 2018/0324153 A1 (ALTHOUSE et al.) in view of RFC 5246 The Transport Layer Security (TLS) Protocol (Dierks et al.).

As Per Claim 2: The rejection of claim 1 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- the processor configured to interface with one or more servers and to receive a server hello data message. 
	(Dierks et al., Section 7.4.1.3 Server Hello, Page 42 - Page 43 First Paragraph, “When this message will be sent:
 The server will send this message in response to a ClientHello  message when it was able to find an acceptable set of algorithms.  If it cannot find such a match, it will respond with a handshake failure alert.
	Structure of this message:
struct {
	ProtocolVersion server_version;
	Random random;
	SessionID session_id;
	CipherSuite cipher_suite;
	CompressionMethod compression_method;
	select (extensions_present) {
		case false:
			struct {};
		case true:

 	};
 } ServerHello;
 The presence of extensions can be detected by determining whether there are bytes following the compression_method field at the end of  the ServerHello.”)
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 3: The rejection of claim 2 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- the transport layer security extension extraction system configured to extract an extension from the server hello data message. 
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 44 lines 1-20, “The extension format is:
	struct {
		ExtensionType extension_type;
		opaque extension_data<0..2^16-1>;
	} Extension;
	enum {
		signature_algorithms(13), (65535)
	} ExtensionType;
Here:

	- "extension_data" contains information specific to the particular extension type.
	The initial set of extensions is defined in a companion document [TLSEXT]. The list of extension types is maintained by IANA as described in Section 12.
	An extension type MUST NOT appear in the ServerHello unless the same extension type appeared in the corresponding ClientHello. If a client receives an extension type in ServerHello that it did not request in the associated ClientHello, it MUST abort the handshake with an unsupported_extension fatal alert.”)
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 4: The rejection of claim 3 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- the transport layer security extension identification system configured to process the extension from the server hello data message and to identify a data networking session using the extension. 
	(Dierks et al., Section 7.4.1.3 Server Hello, Page 43 session_id, “session_id 
	This is the identity of the session corresponding to this connection. If the ClientHello.session_id was non-empty, the server will look in its session cache for a match. If a match is found and the server is willing to establish the new connection using the specified session state, the server will respond with the same value as was supplied by the client. This indicates a resumed session and dictates that the parties must proceed directly to the Finished messages. Otherwise, this field will contain a different value identifying the new session. The server may return an empty session_id to indicate that the session will 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 5: The rejection of claim 1 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- a transport layer security based security system configured to process the extension from the client hello data message and to identify whether the data networking session is secure using the extension. 
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 45, Paragraphs 1-6, “In general, the specification of each extension type needs to describe the effect of the extension both during full handshake and session resumption. Most current TLS extensions are relevant only when a session is initiated: when an older session is resumed, the server does not process these extensions in Client Hello, and does not include them in Server Hello. However, some extensions may specify different behavior during session resumption. 
	There are subtle (and not so subtle) interactions that may occur in this protocol between new features and existing features which may result in a significant reduction in overall security. The following considerations should be taken into account when designing new extensions: 

	- Extensions should, as far as possible, be designed to prevent any attack that forces use (or non-use) of a particular feature by manipulation of handshake messages. This principle should be followed regardless of whether the feature is believed to cause a security problem. 
	Often the fact that the extension fields are included in the inputs to the Finished message hashes will be sufficient, but extreme care is needed when the extension changes the meaning of messages sent in the handshake phase. Designers and implementors should be aware of the fact that until the handshake has been authenticated, active attackers can modify messages and insert, remove, or replace extensions. 
	- It would be technically possible to use extensions to change major aspects of the design of TLS; for example the design of cipher suite negotiation. This is not recommended; it would be more appropriate to define a new version of TLS -- particularly since the TLS handshake algorithms have specific protection against version rollback attacks based on the version number, and the possibility of version rollback should be a significant consideration in any major design change.”).
	The “server does not agree” condition would apply to the situation of the Extension being viewed by the server as unsecure. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 6: The rejection of claim 3 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- the transport layer security based security system configured to process the extension from the server hello data message and to identify whether the data networking session is secure using the extension. 
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 44, Lines 16-20, “An extension type MUST NOT appear in the ServerHello unless the same extension type appeared in the corresponding ClientHello. If a client receives an extension type in ServerHello that it did not request in the associated ClientHello, it MUST abort the handshake with an unsupported_extension fatal alert.”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claims 8-12: Claims 8-12 are substantially a restatement of the system of claims 2-6 as a method and are rejected under substantially the same reasoning.

As Per Claim 13: ALTHOUSE et al. teaches: A method for providing network data processing, comprising:

- interfacing with one or more servers to receive a server hello data message using a processor;

	(ALTHOUSE et al., Paragraph [0017], “FIG. 1A shows a block diagram of an example of an environment 10 in which an on-demand database service can be used in accordance with some implementations. The environment 10 includes user systems 12, a network 14, a database system 16 (also referred to herein as a "cloud-based system"), a processor system 17, an application platform 18, a network interface 20, tenant database 22 for storing tenant data 23, system database 24 for storing system data 25, program code 26 for implementing various functions of the system 16, and process space 
	(ALTHOUSE et al., Paragraph [0009], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) client hello packet.”).

- extracting an extension from the 
	(ALTHOUSE et al., Paragraph [0051], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) or SSL client hello packet. The first step calls for monitoring packet data traffic over a network, step 302. Various tools such as Bro are known for this function. Another option may be Wireshark, a network packet analyzer. Next is detecting a client hello packet CHP received from a client seeking to begin a session, step 304. The client hello packet is sent in clear text to the server as the session is not yet encrypted. Indeed, much of the client hello packet is information needed to agree on encryption protocols to be used. The process then extracts selected data from the CHP at step 306. Specific examples are given below. At step 308, the method processes the extracted data to form a client ID string. Next, the client ID string is mapped to form a client fingerprint. Because of the wide variety of the information extracted from the CHP, from one client to another, the resulting client ID string, and the correspond fingerprint, will be unique for all practical purposes. In some embodiments, the mapping of step 310 may apply a hash function to the client ID to form the client fingerprint. In one embodiment, the hash function may return a fingerprint (a string of characters) 32 characters long. This length is not critical, but it is advantageous as it is easy to use in a variety of software tools. Finally, the fingerprint may be logged in a database. Post investigation of the 
	(ALTHOUSE et al., Paragraph [0044]-[0049], “The basic unit of data in SSL is a record. There are generally five record types in SSL, one of which is handshake records. Among the handshake records is the client hello. The Client Hello sends these attributes to the server:
	1. Protocol Version: The version of the SSL protocol by which the client wishes to communicate during this session.
	2. Session ID: The ID of a session the client wishes to use for this connection.
	3. Cipher Suite: This is passed from the client to the server in the Client Hello message. It contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (first choice first). Each cipher suite defines both a key exchange algorithm and a cipher specification. The server selects at least one of the cipher suites or, if no acceptable choices are presented, returns a handshake failure alert and closes the connection.
	4. Compression Method: Includes a list of compression algorithms supported by the client. If the server does not support any method sent by the client, the connection fails. The compression method can also be null.
	5. Extensions. A variety of extensions can be used to add functionality to TLS. See RFC 4366. In an example, the supported elliptical curves discussed below may be implemented as a TLS extension. Other extensions, for example, SessionTicket's and renegotiation, may be used as described herein, and combined with other selected data in forming the client fingerprint.”).

ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
server hello data message.

 The server will send this message in response to a ClientHello  message when it was able to find an acceptable set of algorithms.  If it cannot find such a match, it will respond with a handshake failure alert.
	Structure of this message:
struct {
	ProtocolVersion server_version;
	Random random;
	SessionID session_id;
	CipherSuite cipher_suite;
	CompressionMethod compression_method;
	select (extensions_present) {
		case false:
			struct {};
		case true:
			Extension extensions<0..2^16-1>;
 	};
 } ServerHello;
 The presence of extensions can be detected by determining whether there are bytes following the compression_method field at the end of  the ServerHello.”)
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 44 lines 1-20, “The extension format is:
	struct {
		ExtensionType extension_type;
		opaque extension_data<0..2^16-1>;

	enum {
		signature_algorithms(13), (65535)
	} ExtensionType;
Here:
	- "extension_type" identifies the particular extension type.
	- "extension_data" contains information specific to the particular extension type.
	The initial set of extensions is defined in a companion document [TLSEXT]. The list of extension types is maintained by IANA as described in Section 12.
	An extension type MUST NOT appear in the ServerHello unless the same extension type appeared in the corresponding ClientHello. If a client receives an extension type in ServerHello that it did not request in the associated ClientHello, it MUST abort the handshake with an unsupported_extension fatal alert.”)
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 14: The rejection of claim 13 is incorporated and further ALTHOUSE et al. teaches:
- using the processor to interface with one or more clients and to receive a client hello data message; determining whether the server hello message and the client hello message are associated with the data networking session. 
	(ALTHOUSE et al., Paragraph [0044]-[0049], “The basic unit of data in SSL is a record. There are generally five record types in SSL, one of which is handshake records. Among the handshake records is the client hello. The Client Hello sends these attributes to the server:

	2. Session ID: The ID of a session the client wishes to use for this connection.
	3. Cipher Suite: This is passed from the client to the server in the Client Hello message. It contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (first choice first). Each cipher suite defines both a key exchange algorithm and a cipher specification. The server selects at least one of the cipher suites or, if no acceptable choices are presented, returns a handshake failure alert and closes the connection.
	4. Compression Method: Includes a list of compression algorithms supported by the client. If the server does not support any method sent by the client, the connection fails. The compression method can also be null.
	5. Extensions. A variety of extensions can be used to add functionality to TLS. See RFC 4366. In an example, the supported elliptical curves discussed below may be implemented as a TLS extension. Other extensions, for example, SessionTicket's and renegotiation, may be used as described herein, and combined with other selected data in forming the client fingerprint.”).

As Per Claim 15: The rejection of claim 14 is incorporated and further ALTHOUSE et al. teaches:
- extracting an extension from the client hello data message with the processor. 
	(ALTHOUSE et al., Paragraph [0051], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) or SSL client hello packet. The first step calls for monitoring packet data traffic over a network, step 302. Various tools such as Bro are known for this function. Another option may be Wireshark, a network packet analyzer. Next is detecting a client hello packet CHP received from a client seeking to begin a session, step 304. The client hello packet is sent in clear text to the server as the session is not yet encrypted. Indeed, much of the client hello 
	(ALTHOUSE et al., Paragraph [0044]-[0049], “The basic unit of data in SSL is a record. There are generally five record types in SSL, one of which is handshake records. Among the handshake records is the client hello. The Client Hello sends these attributes to the server:
	1. Protocol Version: The version of the SSL protocol by which the client wishes to communicate during this session.
	2. Session ID: The ID of a session the client wishes to use for this connection.
	3. Cipher Suite: This is passed from the client to the server in the Client Hello message. It contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (first choice first). Each cipher suite defines both a key exchange algorithm and a cipher specification. The server selects at least one of the cipher suites or, if no acceptable choices are presented, returns a handshake failure alert and closes the connection.

	5. Extensions. A variety of extensions can be used to add functionality to TLS. See RFC 4366. In an example, the supported elliptical curves discussed below may be implemented as a TLS extension. Other extensions, for example, SessionTicket's and renegotiation, may be used as described herein, and combined with other selected data in forming the client fingerprint.”).

As Per Claim 16: The rejection of claim 15 is incorporated and further ALTHOUSE et al. teaches:
- processing the extension from the client hello data message using the processor to identify the data networking session using the extension. 
	(ALTHOUSE et al., Paragraph [0051], “FIG. 3 shows a simplified flow diagram of an example process for fingerprinting a client based on a Transport Layer Security (TLS) or SSL client hello packet. The first step calls for monitoring packet data traffic over a network, step 302. Various tools such as Bro are known for this function. Another option may be Wireshark, a network packet analyzer. Next is detecting a client hello packet CHP received from a client seeking to begin a session, step 304. The client hello packet is sent in clear text to the server as the session is not yet encrypted. Indeed, much of the client hello packet is information needed to agree on encryption protocols to be used. The process then extracts selected data from the CHP at step 306. Specific examples are given below. At step 308, the method processes the extracted data to form a client ID string. Next, the client ID string is mapped to form a client fingerprint. Because of the wide variety of the information extracted from the CHP, from one client to another, the resulting client ID string, and the correspond fingerprint, will be unique for all practical purposes. In some embodiments, the mapping of step 310 may apply a hash function to the client ID to form the client fingerprint. In one embodiment, the hash function may return a fingerprint (a string of characters) 32 characters long. This length is not critical, but it is advantageous as it is easy to use in a variety of software tools. Finally, the fingerprint may be logged in a database. Post investigation of the database can be conducted, i.e. analysis to look for patterns that could reveal suspicious traffic, leveraging the client fingerprints as reliable, unique identifiers.”).
	(ALTHOUSE et al., Paragraph [0044]-[0049], “The basic unit of data in SSL is a record. There are generally five record types in SSL, one of which is handshake records. Among the handshake records is the client hello. The Client Hello sends these attributes to the server:
	1. Protocol Version: The version of the SSL protocol by which the client wishes to communicate during this session.
	2. Session ID: The ID of a session the client wishes to use for this connection.
	3. Cipher Suite: This is passed from the client to the server in the Client Hello message. It contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (first choice first). Each cipher suite defines both a key exchange algorithm and a cipher specification. The server selects at least one of the cipher suites or, if no acceptable choices are presented, returns a handshake failure alert and closes the connection.
	4. Compression Method: Includes a list of compression algorithms supported by the client. If the server does not support any method sent by the client, the connection fails. The compression method can also be null.
	5. Extensions. A variety of extensions can be used to add functionality to TLS. See RFC 4366. In an example, the supported elliptical curves discussed below may be implemented as a TLS extension. Other extensions, for example, SessionTicket's and renegotiation, may be used as described herein, and combined with other selected data in forming the client fingerprint.”).

As Per Claim 17: The rejection of claim1 3 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- processing the extension from the client hello data message using the processor to identify whether the data networking session is secure using the extension. 
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 45, Paragraphs 1-6, “In general, the specification of each extension type needs to describe the effect of the extension both during full handshake and session resumption. Most current TLS extensions are relevant only when a session is initiated: when an older session is resumed, the server does not process these extensions in Client Hello, and does not include them in Server Hello. However, some extensions may specify different behavior during session resumption. 
	There are subtle (and not so subtle) interactions that may occur in this protocol between new features and existing features which may result in a significant reduction in overall security. The following considerations should be taken into account when designing new extensions: 
	- Some cases where a server does not agree to an extension are error conditions, and some are simply refusals to support particular features. In general, error alerts should be used for the former, and a field in the server extension response for the latter. 
	- Extensions should, as far as possible, be designed to prevent any attack that forces use (or non-use) of a particular feature by manipulation of handshake messages. This principle should be followed regardless of whether the feature is believed to cause a security problem. 
	Often the fact that the extension fields are included in the inputs to the Finished message hashes will be sufficient, but extreme care is needed when the extension changes the meaning of messages sent in the handshake phase. Designers and implementors should be aware of the fact that until the handshake has been authenticated, active attackers can modify messages and insert, remove, or replace extensions. 
	- It would be technically possible to use extensions to change major aspects of the design of TLS; for example the design of cipher suite negotiation. This is not recommended; it would be more appropriate to define a new version of TLS -- particularly since the TLS handshake algorithms have specific protection against version rollback attacks based on the version number, and the possibility of version rollback should be a significant consideration in any major design change.”).
	The “server does not agree” condition would apply to the situation of the Extension being viewed by the server as unsecure. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

As Per Claim 18: The rejection of claim 15 is incorporated and further ALTHOUSE et al. does not explicitly teach the following limitation however Dierks et al. in analogous art does teach the following limitation:
- processing the extension from the client hello data message with the processor to identify whether the data networking session is secure using the extension.
	(Dierks et al., Section 7.4.1.4. Hello Extensions, Page 45, Paragraphs 1-6, “In general, the specification of each extension type needs to describe the effect of the extension both during full handshake and session resumption. Most current TLS extensions are relevant only when a session is initiated: when an older session is resumed, the server does not process these extensions in Client Hello, and does not include them in Server Hello. However, some extensions may specify different behavior during session resumption. 
	There are subtle (and not so subtle) interactions that may occur in this protocol between new features and existing features which may result in a significant reduction in overall security. The following considerations should be taken into account when designing new extensions: 
	- Some cases where a server does not agree to an extension are error conditions, and some are simply refusals to support particular features. In general, error alerts should be used for the former, and a field in the server extension response for the latter. 
	- Extensions should, as far as possible, be designed to prevent any attack that forces use (or non-use) of a particular feature by manipulation of handshake messages. This principle should be followed regardless of whether the feature is believed to cause a security problem. 
	Often the fact that the extension fields are included in the inputs to the Finished message hashes will be sufficient, but extreme care is needed when the extension changes the meaning of messages sent in the handshake phase. Designers and implementors should be aware of the fact that until the handshake has been authenticated, active attackers can modify messages and insert, remove, or replace extensions. 
	- It would be technically possible to use extensions to change major aspects of the design of TLS; for example the design of cipher suite negotiation. This is not recommended; it would be more appropriate to define a new version of TLS -- particularly since the TLS handshake algorithms have specific protection against version rollback attacks based on the version number, and the possibility of version rollback should be a significant consideration in any major design change.”).
	The “server does not agree” condition would apply to the situation of the Extension being viewed by the server as unsecure. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Dierks et al. into the method of ALTHOUSE et al. as a matter of common sense understanding the standard being used “Transport Layer Security (TLS) Protocol” and how it works.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN A KAPLAN whose telephone number is (571)270-3170.  The examiner can normally be reached on 9:00 a.m. - 5:00 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BENJAMIN A KAPLAN/Examiner, Art Unit 2434