DETAILED ACTION
This Action is in consideration of the Applicant’s response on June 23, 2021.  Claim 1 has been amended by the Applicant.  Claims 1 – 13, where Claim 1 is in independent form, are presented for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
	Applicant’s arguments filed June 23, 2021 have been fully considered but they are not persuasive.  Applicant argued:
a)	Regarding Claim 1, the cited prior art does not disclose or suggest three distinct Certificate Authorities that sign respective certificates.
b)	Regarding Claim 3, the Examiner has used impermissible hindsight to combine the references to derive the claimed limitations.
The Office respectfully disagrees with Applicant’s assertions.
1.	With regards to a), the Applicant indicates that the term “Certificate Authority” according to the art-accepted definition is an entity that issues digital certificates that certify the ownership of a public key with the name on the certificate [See Remarks, Pg. 6].  The Examiner does not argue with this assertion.  However, the Applicant’s description of the role of the AMG, respectfully, appears to be inaccurate.  
	The Applicant’s opinion that the AMG signs the CSR using a CA that is associated with the CDN precludes the interpretation that the AMG is 1) an entity that is 
	The former is merely the interpretation that being associated with the CDN CA prevents the AMG from being distinct from the CDN CA [See Remarks, Pg. 7, 1st full Para.].  The Office reminds the Applicant that the pending claims must be "given the broadest reasonable interpretation consistent with the specification" [In re Prater, 162 USPQ 541 (CCPA 1969)] and "consistent with the interpretation that those skilled in the art would reach" [In re Cortright, 49 USPQ2d 1464 (Fed. Cir. 1999)].  Even if the AMG and CDN CA are associated, that does not preclude any interpretation that they are distinct from one another.  For example, a processor and memory within a computing device are associated, but they are distinct in that they are physically distinct.  Furthermore, the “zone of trust” is only established when the certificates are verified as with any other SSL/TLS connection establishment in the art.
	The latter is the assumption that when the Gero reference states that “[t]he AMG signs the CSR (preferably using a certificate authority (CA) associated with the CDN),” the AMG signs the CSR using the private key of the CDN CA [See Remarks, 2nd full Para.].  One of ordinary skill in the art knows that “signing” a CSR requires the signature to be generated using the signing entity’s private key.  If the AMG had access to the private key of the CDN CA, any validation by the CDN CA would be insecure.  The fact that only the CDN CA has its private key is what makes the CA trustworthy in any verification.  Nothing in Gero indicates that the AMG uses the CDN CA’s private key.  To the contrary, Gero indicates that verification of a peer certificate requires that the certificate chain has a root node that matches the CA (AMG signs CSR 
The Applicant further argues that Bansal merely teaches the generation of a certificate within a trust chain and that the Examiner does not provide any evidence of how the prior art teaches the claimed limitations [See Remarks, Pg. 8, 1st Para.].  In response to Applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
	As indicated in the previous Office Action, Gero discloses that the AMG can grant authority to the EMG to perform BTF functions for a company, where the EMG can then grant authority to each of the end nodes to perform various roles or tasks [See Non-Final Action, dated December 23, 2020 (hereinafter “Non-Final Action”), Pg. 4; citing Gero, Fig. 4, Para. 0035].  The nodes described in the Gero reference that are receiving certificates from the AMG are edge nodes [See Gero, Fig. 3, Para. 0035].
2.	With regards to b), in response to Applicant's argument that the Examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning.  But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper.  See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971).  
As described in Enns, the expiration dates of the certificates should be sooner if they are lower on the hierarchy [See Non-Final Action, Pg. 8, citing Para. 0191-193].  Therefore, the reference has already indicated that the expiration dates should be shorter for certificates that are lower in the hierarchy than certificates that are higher in 
	Additionally, the Applicant’s opinion that any client receiving a certificate from one of the nodes trusts the server certificate because all the machines are already operating in the “Customer Zone of Trust” misses the fact that, to be in the Customer Zone of Trust, the certificate has to be validated for that node [See Gero, Para. 0035].  Nothing within the claims precludes the exchange of certificates to include nodes in the “Zone of Trust” or the exchange of certificates in an SSL/TLS connection establishment.  Therefore, the rejection is maintained by the Office.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, and 4 – 13 are rejected under 35 U.S.C. 103 as being unpatentable over PGPub. 2015/0106624 (hereinafter “Gero”), in view of PGPub. 2017/0331859 (hereinafter “Bansal”).
3.	Regarding Claim 1, Gero discloses a method to generate a trusted certificate on an endpoint appliance located in an untrusted network [Fig. 1 and 4; Para. 0036], wherein one or more client devices are configured to trust a first Certificate Authority (CA) that is administered by an administrator of the untrusted network [Para. 0035], comprising:

configuring a second CA distinct from the first CA in association with the key management service, the second CA configured to receive a second certificate signed by the first CA [Fig. 3; Para. 0035; certificate for AMG (second CA) signed by CA associated with CDN (first CA) in certificate chain of trust];
configuring 


Gero further discloses that the requesting client and RSA proxy client component are at the branch office location and that the RSA proxy server component is located at a data center [Fig. 4; Para. 0035].  Gero also discloses that the AMG grants authority to the EMG to perform BTF functions for a company, where the EMG can then grant  distinct from the first CA and the second CA in association with the edge machine configured to receive a third certificate and dynamically generating and providing the endpoint appliance a server certificate signed by the third CA, wherein a client device receiving the server certificate from the endpoint appliance trusts the server certificate as if the server certificate originated from the first CA, thereby enabling the endpoint appliance to terminate a secure information flow received at the endpoint appliance.
Bansal discloses a system and method for providing HTTPS connections from a security cloud/edge node to an external server on the Internet [Abstract; Fig. 7 and 22; Para. 0083, 0142].  Bansal further discloses that the edge node acts as a proxy to implement the HTTPS tunnel, which includes the edge node generating and signing a new certificate (third CA distinct from the first CA and the second CA in association with the edge machine configured to receive a third certificate) and sending it to the tunnel interface (dynamically generating and providing the endpoint appliance a server certificate signed by the third CA, the third CA configured to receive a third certificate signed by the second CA) [Fig. 22; Para. 0142].  Bansal also discloses that the tunnel interface generates and signs a new certificate and sends it to the client application to provide an HTTPS connection to the external server, where the tunnel interface terminates a secure information flow (client device receiving the server certificate from the endpoint appliance trusts the server certificate as if the server certificate originated from the first CA, thereby enabling the endpoint appliance to terminate a secure information flow received at the endpoint appliance) [Fig. 22; Para. 0142].  It would have 
4.	Regarding Claim 2, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the secure information flow is provided over Transport Layer Security (TLS) [Para. 0032-33].
5.	Regarding Claim 4, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the overlay network is a content delivery network (CDN) [Fig. 1; Para. 0004, 0029].
6.   	Regarding Claim 5, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the endpoint appliance is located behind an enterprise firewall [Fig. 3; Para. 0030].
7.	Regarding Claim 6, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that a certificate includes a private key [Para. 0035; a client certificate signed by the AMG].
8.    	Regarding Claim 7, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that storing a private key associated with the second 
9.  	Regarding Claim 8, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the edge machine is one of a set of edge machines co-located at a region of the overlay network proximate the endpoint appliance [Fig. 1 and 4; Para. 0033].
10.	Regarding Claim 9, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the key management service is located in a secure data center [Fig. 3, item 300; Para. 0030; CDN operation and network service location].
11.    	Regarding Claim 10, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the server certificate signed by the third CA is provided over a TLS connection established between the endpoint appliance and the edge machine [Para. 0038-39; proxy requests sent over a mutually-authenticated SSL connection].
12.  	Regarding Claim 11, Gero, in view of Bansal, discloses all the limitations of Claim 10 above.  Gero further discloses that the server certificate is provided in response to receipt at the edge machine of a certificate signing request (CSR) from the endpoint appliance [Para. 0038-39; proxy requests sent over a mutually-authenticated SSL connection].
13.	Regarding Claim 12, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses of detecting compromise of the endpoint appliance and, in response, revoking the endpoint appliance access to the overlay network [Para. 0042].
14.	Regarding Claim 13, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Gero further discloses that the overlay network provides transport of network traffic between the endpoint appliance and an origin server located remote from the endpoint appliance [Fig. 1 and 5; Para. 0043].
Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Gero, in view of Bansal, in further view of PGPub. 2019/0163468 (hereinafter “Enns”).
15.	Regarding Claim 3, Gero, in view of Bansal, discloses all the limitations of Claim 1 above.  Neither Gero nor Bansal discloses that the server certificate has a time-to-live (TTL) that is shorter than a TTL associated with the third CA, wherein the TTL associated with the third CA is shorter than a TTL associated with the second CA, and wherein the TTL associated with the second CA is shorter than a TTL associated with the first CA.
Enns discloses a system and method for securing communications between devices [Abstract; Para. 0106].  Enns further discloses that the server certificate should have an expiration date prior to the enterprise and operation root certificates if it is lower in the certificate hierarchy [Fig. 39b; Para. 0191-193].  It would have been obvious to one skilled in the art before the effective filing date of the present invention to incorporate the teachings of Enns with Gero and Bansal since the systems implement secure HTTPS tunnels utilizing certificates.  The combination would enable the CDN of Gero to implement a certificate hierarchy where the certificate used between the edge node and terminal has the shortest TTL, the AMG certificate has the second longest TTL and the CA of the CDN has the longest TTL.  These TTL implementations would be a designer’s choice and the motivation to do so is to require more frequent renewal of .
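The certificate mechanics discussed above, in the Response to Arguments (a CSR is signed with the issuing entity's private key, and a peer is trusted only once its chain is verified up to a root the verifier already holds), in the rejection of Claim 1 (a first CA trusted by clients, a second CA certified by the first, a third CA certified by the second, and a server certificate dynamically issued to the endpoint appliance from a CSR), and in the rejection of Claim 3 (server certificate TTL shorter than the third CA's, which is shorter than the second CA's, which is shorter than the first CA's), as an added worked example.  This Go program, using only the standard library, is not part of this Office Action, the application, or the Gero, Bansal or Enns references; the Tier type, the CA names, the host name appliance.example.internal and the lifetimes are assumptions chosen for illustration.  It goes slightly beyond the text in also checking the host name and the case where the second CA is missing from the presented chain.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Tier is one level of the hierarchy: its certificate and the private key only it holds (hypothetical type).
type Tier struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
func serial() *big.Int         { return must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))) }

// NewCA issues a CA certificate for name valid for ttl. With issuer == nil it is self-signed
// (the root, i.e. the first CA); otherwise it is signed with issuer.Key and nothing else.
func NewCA(name string, ttl time.Duration, issuer *Tier) *Tier {
	key := newKey()
	tmpl := &x509.Certificate{
		SerialNumber:          serial(),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(ttl),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	parent, signer := tmpl, key
	if issuer != nil {
		parent, signer = issuer.Cert, issuer.Key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer))
	return &Tier{Cert: must(x509.ParseCertificate(der)), Key: key}
}

// IssueServerCert models the endpoint appliance sending a CSR to the edge tier (the third CA), which
// signs a leaf server certificate with its own private key. The appliance's key never leaves the appliance.
func IssueServerCert(host string, ttl time.Duration, edge *Tier) (*x509.Certificate, *ecdsa.PrivateKey) {
	applianceKey := newKey()
	csrTmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: host}, DNSNames: []string{host}}
	csr := must(x509.ParseCertificateRequest(must(x509.CreateCertificateRequest(rand.Reader, csrTmpl, applianceKey))))
	must(csr, csr.CheckSignature()) // proof of possession: the CSR must be signed by the key it carries
	tmpl := &x509.Certificate{
		SerialNumber: serial(),
		Subject:      csr.Subject,
		DNSNames:     csr.DNSNames,
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(ttl),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, edge.Cert, csr.PublicKey, edge.Key))
	return must(x509.ParseCertificate(der)), applianceKey
}

// ClientTrusts is the client's check: its trust store holds only root (the first CA) and it is
// handed the leaf plus intermediates in the handshake. nil means a chain to that root was built.
func ClientTrusts(root, leaf *x509.Certificate, intermediates []*x509.Certificate, host string) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range intermediates {
		inters.AddCert(c)
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, DNSName: host})
	return err
}

// TTLsNested reports whether each certificate in chain (leaf first, root last) expires strictly
// before its issuer. Path validation does not enforce this, so it is a separate policy check.
func TTLsNested(chain []*x509.Certificate) bool {
	for i := 0; i+1 < len(chain); i++ {
		if !chain[i].NotAfter.Before(chain[i+1].NotAfter) {
			return false
		}
	}
	return true
}

func main() {
	first := NewCA("CDN Root CA", 10*365*24*time.Hour, nil)           // first CA: the one clients trust
	second := NewCA("AMG Intermediate CA", 3*365*24*time.Hour, first) // second CA, signed by the first
	third := NewCA("Edge Issuing CA", 90*24*time.Hour, second)        // third CA, signed by the second
	leaf, _ := IssueServerCert("appliance.example.internal", 24*time.Hour, third)
	chain := []*x509.Certificate{leaf, third.Cert, second.Cert, first.Cert}
	fmt.Println("trusted via first CA:", ClientTrusts(first.Cert, leaf, chain[1:3], "appliance.example.internal") == nil)
	fmt.Println("TTLs nested leaf < third < second < first:", TTLsNested(chain))
}
```

A client holding only the first CA accepts the appliance's certificate because the presented intermediates let it build a chain to that root; the same leaf is rejected against an unrelated root or when the second CA is left out of the chain, which is the point that membership in the zone of trust follows from verification rather than from association.  TTLsNested is kept separate because X.509 path validation only requires every certificate to be valid at the moment of verification, not that a child expire before its issuer.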
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Contacts
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979.  The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Saleh Najjar, can be reached on (571) 272-4006.  The fax phone number for submitting all Official communications is (703) 872-9306.  The fax phone number for 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).

/TAE K KIM/Primary Examiner, Art Unit 2492