Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This is a Non-Final Office action in response to communications received May 27, 2021.  Claims 2, 18, 20, 24-26 have been amended.  Therefore, claims 1-26 are pending and addressed below. 


Information Disclosure Statement
The information disclosure statement filed 05/27/2021 complies with the provisions of 37 CFR 1.97, 1.98 and MPEP § 609 and the information referred to therein has been considered as to the merits.  


Response to Amendments 
Applicant’s amendments to claim 18 are sufficient to overcome the Minor Informalities of claim 18 set forth in previous office action.  
Applicant’s amendments to claims 24, 25, 26 are sufficient to overcome the 35 USC 112 rejection of claims 24, 25, 26, rejections set forth in previous office action.  Therefore the rejections are withdrawn.  

Response to Arguments 

Applicant’s arguments, see Page 11-13, filed May 27, 2021, with respect to the rejection(s) of claim(s) 1-26 under 35 USC 102 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of newly found prior art reference, Ramanath (US2013/0010602 A1, publish date 01/10/2013) (on Applicant’s IDS filed 05/27/2021) in view of Han et al. (US9330227 B1, patent date 05/03/2016) further in view of Canady et al. (US2019/0182129 A1, file date 12/11/2017).



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.



The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-26 are rejected under 35 U.S.C. 103 as being unpatentable over Ramanath (US2013/0010602 A1, publish date 01/10/2013) (on Applicant’s IDS filed 05/27/2021) in view of Han et al. (US9330227 B1, patent date 05/03/2016) further in view of Canady et al. (US2019/0182129 A1, file date 12/11/2017).

Claim 1:
With respect to claim 1, Ramanath discloses a method of testing handling of secure communication sessions of a plurality of clients with a plurality of servers by (testing network or network devices, 0003) (test traffic, plurality of network users, servers, 0013) (test session, test traffic hundreds or thousands of EU activities, 0047) device or system under test (DUT) (network and/or device to be tested (the network under test or NUT), network or device under test, 0033) (network or device to be tested, router switch, 0034), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT (port unit within the network test equipment, 0013) (one or more port unit, 0025) (initializing a test system, 0032)), the method including:
using a plurality of client state machines running one or more processor cores (plurality of network users, services, 0013) (one or more processors, 0024),
communicating through the DUT with a plurality of server state machines running on one or more additional processor cores (plurality of network users, services, 0013) (one or more processors, 0028) (network test equipment and the network devices communicate simultaneously with one another, 0028);
for each connection between (i) a client represented by a client state machine, of the plurality of client state machines, and (ii) a server represented by a server state machine, of the plurality of server state machines, setting up a secure communication session (plurality of network users, services, connection between the network and the equipment used to test the network, 0013) (one or more processors, 0024) (network test equipment and the network devices communicate simultaneously with one another, 0028) including:
using at least 1,000 of the established secure communication sessions, conducting a test including: generating test packets (test traffic including literally millions of packets representing activities of thousands or hundreds of thousands of EUs, 0047); and transmitting the test packets through the DUT (test traffic comprising a large number of packets transmitted, 0013); and 
compiling and reporting results of the test (reporting test results, 0032) (test results captured, 0050).

Ramanath does not disclose establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed. 

However, Han et al. teaches he system 100 comprises a testbench builder device 102 coupled with one or more DUTs 104 via one or more networks 106.  (Column 7, lines 26-30), establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step (a simple or one-way handshake protocol without flow control 702 and transaction transmission 704, the one-way handshake protocol without flow control 702 comprises sending a first signal "valid" from the agent 500 to the DUT 212 (via an interface).  According to the handshake protocol 702, the agent 500 indicates that it is ready to send data when it makes "valid" high (and/or that all control and data signals are valid), but unlike the first process, the agent 500 does not wait for, nor does the DUT 212 send, a signal that indicates that the DUT 212 is ready to accept data.  This one-way handshake protocol puts full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming, Column 18, lines 40- Column 19, line 5). 

Ramanath and Han et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Han et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed for purposes of enhancing the testing environment of Ramanath to allow full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming (see Han et al. Column 18, lines 40- Column 19, line 5).

Canady et al. teaches to provide methods and systems to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT"), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT, (0010), establishing a secure communication session, with a handshake between the client and the server with a handshake between the client and the server (negotiating an encryption protocol and exchanging keys, and completing an HTTPS handshake, 0011).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Canady et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server as claimed for purposes of enhancing the testing environment of Ramanath to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT").  (see Canaday et al. 0011)

Claim 2:
With respect to claim 2, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein the establishing of the secure communication session includes one of the client and the server bypassing a transmission of a standards-required error message to another of the client and the server when an error has occurred at the one of the client and the server with respect to a security mechanism related to the secure commination session (combining patterned payload data to the generated address and packet header to form test packets without using the negotiated encryption protocol to encrypt and decrypt the patterned payload data, and (iii) transmitting the test packets through the DUT, 0011) (If the value is "False", this means that the FSM is still running and the dispatcher continues to dequeue and dispatch messages.  However, if the return value is "True", the dispatcher stops dispatching any queued messages, and the FSM is considered to be complete, 0061).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 3:
With respect to claim 3, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein the standards-required verification step or validation step is a verification of a certificate received by one of the client and the server, from the other of the client and the server (The server 220 continues the handshaking procedure by sending a Certificate in operation 242, 0043), and
wherein the one of the client and the server receiving the certificate operates as if there has been a successful verification of the certificate without verifying the certificate (after receiving the certificate, the client 210 will essentially say, ok, let's start encrypting 0044).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 4:
With respect to claim 4, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein the standards-required verification step or validation step is a verification that a particular field (i) does correspond to a particular group and (ii) does not correspond to another particular group, and
wherein one of the client and the server transmits a standards-required message to another of the client and the server as if there has been a successful verification that the particular field (i) does correspond to the particular group and (ii) does not correspond to the other particular group (Once the client machine 110, the server machine 120, the DUT 130 and the calibration and analysis tool 140 have been set up to run the "stress test," it will be necessary to start establishing HTTPS sessions between the various emulated clients and the various emulated servers, the "stress test" could also be performed in the field for the purpose of determining whether a DUT deployed in the field has been damaged and needs replacement or repair., 0038).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 5:
With respect to claim 5, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein, the standards-required verification step or validation step is a validation of a key received by one of the client and the server, from the other of the client and the server, and wherein the one of the client and the server receiving the key operates as if there has been a successful validation of the key without validating the key (the "Client_Hello" message may include information regarding which types of Key the client 210 can accept (e.g., RSA, Diffie-Hellman, DSA, etc.), which type of Cipher the client can accept (e.g., RC4, Triple DES, AES, etc.) and which type of Hash can be used (e.g., HMAC-MDS, HMAC-SHA, etc.), 0041) (The "Server_Hello" message may also indicate which type of Key, Cipher and Hash will or can be used by the server 
220, 0042).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 6:
With respect to claim 6, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein, the standards-required verification step or validation step is a verification of a hash received by one of the client and the server, from the other of the client and the server, and wherein the one of the client and the server receiving the hash operates as if there has been a successful verification of the hash without verifying the hash (the "Client_Hello" message may include information regarding which types of Key the client 210 can accept (e.g., RSA, Diffie-Hellman, DSA, etc.), which type of Cipher the client can accept (e.g., RC4, Triple DES, AES, etc.) and which type of Hash can be used (e.g., HMAC-MDS, HMAC-SHA, etc.), 0041) (The "Server_Hello" message may also indicate which type of Key, Cipher and Hash will or can be used by the server 220, 0042).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 7:
With respect to claim 7, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 1, as addressed.  

Canady et al. teaches wherein, the standards-required verification step or validation step is a verification of a digital signing of content received by one of the client and the server, from the other of the client and the server, and wherein the one of the client and the server receiving the content operates as if there has been a successful verification of the digital signing of the content without verifying the digital signing of the content (The Certificate can identify, for example, a serial number, an issuer (e.g., Verisign), validity dates, a public key, as well as a site address, and a company address, 0043) (the "Client_Hello" message may include information regarding which types of Key the client 210 can accept (e.g., RSA, Diffie-Hellman, DSA, etc.), which type of Cipher the client can accept (e.g., RC4, Triple DES, AES, etc.) and which type of Hash can be used (e.g., HMAC-MDS, HMAC-SHA, etc.), 0041) (The "Server_Hello" message may also indicate which type of Key, Cipher and Hash will or can be used by the server 220, 0042).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 1.

Claim 8:
With respect to claim 8, Ramanath discloses a method of testing handling of secure communication sessions of a plurality of clients with a plurality of servers by (testing network or network devices, 0003) (test traffic, plurality of network users, servers, 0013) (test session, test traffic hundreds or thousands of EU activities, 0047) device or system under test (DUT) (network and/or device to be tested (the network under test or NUT), network or device under test, 0033) (network or device to be tested, router switch, 0034), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT (port unit within the network test equipment, 0013) (one or more port unit, 0025) (initializing a test system, 0032), the method including:
using a plurality of client state machines running one or more processor cores (plurality of network users, services, 0013) (one or more processors, 0024),
communicating through the DUT with a plurality of server state machines running on one or more additional processor cores (plurality of network users, services, 0013) (one or more processors, 0028) (network test equipment and the network devices communicate simultaneously with one another, 0028);
for each connection between (i) a client represented by a client state machine, of the plurality of client state machines, and (ii) a server represented by a server state machine, of the plurality of server state machines, setting up a secure communication session (plurality of network users, services, connection between the network and the equipment used to test the network, 0013) (one or more processors, 0024) (network test equipment and the network devices communicate simultaneously with one another, 0028) including:
following the setup of at least 1,000 secure communication sessions, conducting a test including (test traffic including literally millions of packets representing activities of thousands or hundreds of thousands of EUs, 0047): generating test packets; and transmitting the test packets through the DUT (test traffic comprising a large number of packets transmitted, 0013); and compiling and reporting results of the test (reporting test results, 0032) (test results captured, 0050).

Ramanath does not disclose establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed. 

However, Han et al. teaches he system 100 comprises a testbench builder device 102 coupled with one or more DUTs 104 via one or more networks 106.  (Column 7, lines 26-30), establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step (a simple or one-way handshake protocol without flow control 702 and transaction transmission 704, the one-way handshake protocol without flow control 702 comprises sending a first signal "valid" from the agent 500 to the DUT 212 (via an interface).  According to the handshake protocol 702, the agent 500 indicates that it is ready to send data when it makes "valid" high (and/or that all control and data signals are valid), but unlike the first process, the agent 500 does not wait for, nor does the DUT 212 send, a signal that indicates that the DUT 212 is ready to accept data.  This one-way handshake protocol puts full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming, Column 18, lines 40- Column 19, line 5). 

Ramanath and Han et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Han et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed for purposes of enhancing the testing environment of Ramanath to allow full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming (see Han et al. Column 18, lines 40- Column 19, line 5).

Canady et al. teaches to provide methods and systems to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT"), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT, (0010), establishing a secure communication session, with a handshake between the client and the server with a handshake between the client and the server (negotiating an encryption protocol and exchanging keys, and completing an HTTPS handshake, 0011).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Canady et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server as claimed for purposes of enhancing the testing environment of Ramanath to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT").  (see Canaday et al. 0011)

Claim 9:
With respect to claim 9, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein one of the standards-required security mechanisms that is reused by the client or the server is a reused certificate, where reuse of certificates is contrary to a standard-based procedure of the secure communication session (The server 220 continues the handshaking procedure by sending a Certificate in operation 242, 0043) (after receiving the certificate, the client 210 will essentially say, ok, let's start encrypting 0044) (the client 210 and the server 220 exchange "test packets" therebetween.  In typical HTTPS communications, once encryption is negotiated (see operations 240-249), subsequent communications between the client 210 and the server 220 include (i) an unencrypted header, (ii) an encrypted command, such as GET or POST, and (iii) encrypted data that is encrypted using the negotiated encryption method, 0045).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 10:
With respect to claim 10, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein the reused certificate is selected from a pool of reusable certificates (The server 220 continues the handshaking procedure by sending a Certificate in operation 242, 0043) (after receiving the certificate, the client 210 will essentially say, ok, let's start encrypting 0044) (the Caches can be utilized to pre-fetch the data necessary for performing operations 240 through 251, 0055).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 11:
With respect to claim 11, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein the reused certificate is a wildcard certificate covering all subdomains of a top-level domain or a wildcard certificate covering all top-level domains, both types of wildcard certificates being unusable or non-compliant according to a standard-based procedure utilized to conduct the secure communication session (high-level data link control (HDLC), 0035) (the test system 100 is configurable on many levels and is capable of interfacing with a DUT 130 using any of the interfaces and protocols from the OSI layers (i.e. layers 1-5) that are below the HTTPS layers (i.e., layers 6 and 7), 0037).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 12:
With respect to claim 12, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein one of the standards-required security mechanisms that is reused by the client or the server is a reused key, where reuse of keys is contrary to a standard-based procedure of the secure communication session (From the "Client_Key_Exchange" message the server 220 will receive a key and both the client 210 and server 220 will be able to calculate a master secret code and from the "Change_Cipher_Spec" message., the different types of algorithms and encryption/decryption can include symmetric algorithms that use a single key, and asymmetric algorithms that use a public/private key pair, 0044).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 13:
With respect to claim 13, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.    

Canady et al. teaches wherein one of the standards-required security mechanisms that is reused by the client or the server is a reused ticket, where reuse of tickets is contrary to a standard-based procedure of the secure communication session (pre-fetching makes it possible to get canned data or messages from the external memory 400 or other sources, such that the canned data or messages can be used as the payload of the messages exchanged between the server machine 120 and the client machine 110, 0056).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 14:
With respect to claim 14, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches where reuse of the standards-required security mechanisms is performed when a standard-based procedure of the secure communication session requires at least one of a discarding of the standards-required security mechanism, a creation of a new standards-required security mechanism, an implementation of a standards-required security mechanism having new values (The entry handlers 441 handle the entry of a message and can cause a state of the FSM 440 to change and the exit handlers 442 handle the exit of a massage based on the new state of the FSM 440, 0057) (the FSM 440 performs an evaluation of the received incoming test packet 450 and performs a state change from an old state to a new state 810, based on the net state, the FSM 440, using one or more exit handlers, outputs the new state 820 or a new state message, a counter update 830, and additional information 840, Information from the new state 820, the counter update 830 and the additional information 840 can be received by a generator and combiner 850 that generates and combines the received information to generate the outgoing test packet 860 that includes an outgoing header 870 and an outgoing payload 880, 0070).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 15:
With respect to claim 15, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein the establishing of the secure communication session includes the server selecting an exchange mode of exchanging standards-required security mechanisms regardless of whether the exchange mode is listed by the client (A person of ordinary skill in the art may understand that the type of data generation required for the first phase of HTTPS communication (see FIG. 2) can be referred to as flexible mode data generation and the type of data generation required for the second phase of HTTPS communication, as implemented by the present technology can be either flexible mode data generation (i.e., not pre-fetching data into the Caches for data generation) or inflexible mode data generation (i.e., using pre-fetching data, to place the appropriate data into the Caches), 0056).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.



Claim 16:
With respect to claim 16, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein the establishing of the secure communication session includes the server transmitting a non-unique standards-required security mechanism request contrary to a standard-based procedure of the secure communication session requires a unique standards-required security mechanism request (combining patterned payload data to the generated address and packet header to form test packets without using the negotiated encryption protocol to encrypt and decrypt the patterned payload data, 0011).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 17:
With respect to claim 17, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches wherein the standards-required security mechanisms are a requirement of a standard-based procedure utilized to conduct the secure communication session (The SSL (Secure Sockets Layer) protocol is the early version of security that was required by HTTPS and the 
TLS (Transport Layer Security) protocol is the more recent version of security required by HTTPS., 0005) (HTTPS requires a level of encryption that has been negotiated between the servers and the clients, 0008).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 18:
With respect to claim 18, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. discloses wherein one of the reused standards-required security mechanisms is an invalid certificate, key or hash (The "Client_Hello" message may include a session ID, as well as other information required by the HTTPS protocol.  For example, the "Client_Hello" message may include information regarding which types of Key the client 210 can accept (e.g., RSA, Diffie-Hellman, DSA, etc.), which type of Cipher the client can accept (e.g., RC4, Triple DES, AES, etc.) and which type of Hash can be used (e.g., HMAC-MDS, HMAC-SHA, etc.), 0041) (The "Server_Hello" message may also indicate which type of Key, Cipher and Hash will or can be used by the server 220., 0042).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 19:
With respect to claim 19, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 8, as addressed.  

Canady et al. teaches further including the secure communication session using a security mechanism that has a lower security strength than a security strength required by a standard-based procedure utilized (the test system 100 is configurable on many levels and is capable of interfacing with a DUT 130 using any of the interfaces and protocols from the OSI layers (i.e. layers 1-5) that are below the HTTPS layers (i.e., layers 6 and 7), 0037).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 8.

Claim 20:
With respect to claim 20, Ramanath discloses a method of testing handling of secure communication sessions of a plurality of clients with a plurality of servers by (testing network or network devices, 0003) (test traffic, plurality of network users, servers, 0013) (test session, test traffic hundreds or thousands of EU activities, 0047) device or system under test (DUT) (network and/or device to be tested (the network under test or NUT), network or device under test, 0033) (network or device to be tested, router switch, 0034), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT (port unit within the network test equipment, 0013) (one or more port unit, 0025) (initializing a test system, 0032), the method including:
using a plurality of client state machines running one or more processor cores (plurality of network users, services, 0013) (one or more processors, 0024),
communicating through the DUT with a plurality of server state machines running on one or more additional processor cores (plurality of network users, services, 0013) (one or more processors, 0028) (network test equipment and the network devices communicate simultaneously with one another, 0028);
for each connection between (i) a client represented by a client state machine, of the plurality of client state machines, and (ii) a server represented by a server state machine, of the plurality of server state machines, setting up a secure communication session (plurality of network users, services, connection between the network and the equipment used to test the network, 0013) (one or more processors, 0024) (network test equipment and the network devices communicate simultaneously with one another, 0028) including:
following the setup of at least 1,000 secure communication sessions, conducting a test including: generating test packets (test traffic including literally millions of packets representing activities of thousands or hundreds of thousands of EUs, 0047); and transmitting the test packets through the DUT (test traffic comprising a large number of packets transmitted, 0013); and compiling and reporting results of the test (reporting test results, 0032) (test results captured, 0050).

Ramanath does not disclose establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed. 

However, Han et al. teaches he system 100 comprises a testbench builder device 102 coupled with one or more DUTs 104 via one or more networks 106.  (Column 7, lines 26-30), establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step (a simple or one-way handshake protocol without flow control 702 and transaction transmission 704, the one-way handshake protocol without flow control 702 comprises sending a first signal "valid" from the agent 500 to the DUT 212 (via an interface).  According to the handshake protocol 702, the agent 500 indicates that it is ready to send data when it makes "valid" high (and/or that all control and data signals are valid), but unlike the first process, the agent 500 does not wait for, nor does the DUT 212 send, a signal that indicates that the DUT 212 is ready to accept data.  This one-way handshake protocol puts full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming, Column 18, lines 40- Column 19, line 5). 

Ramanath and Han et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Han et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server including the client and/or the server transitioning past a standards-required verification step or validation step without performing the required verification or validation step as claimed for purposes of enhancing the testing environment of Ramanath to allow full control in the agent 500 to stop or start transaction transmissions 704 unilaterally, wherein the DUT 212 has no flow control and rather is simply notified by the agent 500 when transaction transmission 704 is incoming (see Han et al. Column 18, lines 40- Column 19, line 5).

Canady et al. teaches to provide methods and systems to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT"), the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT, (0010), establishing a secure communication session, with a handshake between the client and the server with a handshake between the client and the server (negotiating an encryption protocol and exchanging keys, and completing an HTTPS handshake, 0011).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Canady et al. in Ramanath for establishing a secure communication session, with a handshake between the client and the server as claimed for purposes of enhancing the testing environment of Ramanath to efficiently test handling of HTTPS sessions of a plurality of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT").  (see Canaday et al. 0011)

Claim 21:
With respect to claim 21, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 20, as addressed.  

Canady et al. teaches wherein elements of the content generated and transmitted by the client and server are unsigned or improperly signed (without using the negotiated encryption protocol to encrypt and decrypt the patterned payload data, 0011, 0012), which is contrary to the established standard-based procedure that requires the elements of the content to be signed or properly signed (The Certificate can identify, for example, a serial number, an issuer (e.g., Verisign), validity dates, a public key, as well as a site address, and a company address, 0043) (the "Client_Hello" message may include information regarding which types of Key the client 210 can accept (e.g., RSA, Diffie-Hellman, DSA, etc.), which type of Cipher the client can accept (e.g., RC4, Triple DES, AES, etc.) and which type of Hash can be used (e.g., HMAC-MDS, HMAC-SHA, etc.), 0041) (The "Server_Hello" message may also indicate which type of Key, Cipher and Hash will or can be used by the server 220, 0042).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 20.

Claim 22:
With respect to claim 22, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 20, as addressed.  

Canady et al. teaches wherein the unsigned content is selected from a pool of unsigned content (The server 220 continues the handshaking procedure by sending a Certificate in operation 242, 0043) (after receiving the certificate, the client 210 will essentially say, ok, let's start encrypting 0044) (the Caches can be utilized to pre-fetch the data necessary for performing operations 240 through 251, 0055).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 20.

Claim 23:
With respect to claim 23, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 20, as addressed.  

Canady et al. teaches further including transmitting content contrary an established-based procedure that requires encryption of the content (negotiating an encryption protocol and exchanging keys, and completing an HTTPS handshake, 0011) (without using the negotiated encryption protocol to encrypt and decrypt the patterned payload data, 0011, 0012).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 20.

Claims 24, 25, 26:
With respect to claims 24, 25, 26, the combination of Ramanath, Han et al., and Canady et al. discloses the limitations of claim 20, as addressed.  

Canady et al. teaches a test system including one or more processors and non-transitory memory coupled to the processors, the non-transitory memory holding a computer program thereon (non-transitory computer readable recording medium having computer program instructions recorded thereon for testing handling of HTTPS sessions of a multitude of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT"), 0012), the computer program for testing handling of secure communication sessions of a plurality of clients with a plurality of servers by device or system under test (DUT) (having computer program instructions recorded thereon for testing handling of HTTPS sessions of a multitude of clients with a plurality of servers by a switching, bridging or routing device (referred to as the "device or system under test" or "DUT"), 0012), the test system further including at least first and second ports that couple the processors to ports on the DUT, the test system executing the computer program on the one or more processors to perform the method of claim 1/8/20 (the testing conducted by a test system having at least first and second ports that are coupled to ports on the DUT, 0010).

Ramanath and Canady et al. are analogous art because they are from the same field of endeavor of device/system under test (DUT).

The motivation for combining Ramanath and Canady et al. is recited in claim 20.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure, (see PTO Form 892).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Helai Salehi whose telephone number is 571-270-7468.  The examiner can normally be reached on Monday - Friday from 9 am to 5 pm., every other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeff Pwu, can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/HELAI SALEHI/
Examiner, Art Unit 2433

/JEFFREY C PWU/           Supervisory Patent Examiner, Art Unit 2433