DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 1-20 have been.
Response to Arguments1
101
Claim 16 key management and data management. These are abstract ideas. The computer technology merely automates and implements the abstract idea. The additional elements of the processors and memory automate and implement the abstract idea. Therefore, the abstract idea is not integrated into a practical application. The processor merely automates and implements the abstract idea to perform the functions. The devices do not provide meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment, the claim continues to be non-statutory. See Alice Corp. v. CLS Bank International, 573 U.S. __, 134 S. Ct. 2347 (2014).
Applicant submits that “the claimed subject matter does not merely recite a concept of encryption per se or wholly pre-empt a math[] formula for encryption[.]” (Rm. at 17.) Applicant has not identified any language that would tie the encryption to a practical application. That is, Applicant’s statements are just conclusory. 
Applicant submits that encryption “reflects an improvement in the functioning of a computer to facilitate secure processing and transmission of data.” (Rm.at 19.) Examiner in the NF relied upon FairWarning IP, LLC v. Iatric Sys., Inc., 839 F.3d 1089, 1093–94 (Fed. Cir. 2016) which goes unchallenged. The claims in FairWarning were directed towards encoding. As such, Applicant has failed to shift the 
According to Applicant’s statements, the claims are directed towards an abstract idea since secure key management is nothing more than mathematical operations. Reading in light of the instant Specification, see MPEP 2111, keys are related to at least “Elliptic Curve Cryptography” and the like. (PGPUB at 0006.) Additionally, cryptographic techniques, which lay only within the domain of mathematics, are “well-known prior art” according to Applicant’s Specification. (PGPUB at 0007.)
With respect to Applicant’s statement related to the electronic circuits, the claim language is not inextricably linked the abstract idea since the processor is just a general purpose computer that automates and implements. (PGPUB at 0019.)
103
Arguments rendered moot. New grounds of rejection.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 16-19 and 32 are rejected under 35 U.S.C. 101 because the claimed invention is directed to abstract ideas without significantly more.
In the instant case, claims 16-19 and 32 are directed to a system. Therefore, these claims fall within the four statutory categories of invention. 
The claims are directed towards a “data transmission system,” as indicated by the title. Further, looking at the overall scope and content of the claims, the preamble recites: “secure content distribution.” As such, data transmission or secure content distribution are abstract ideas of organizing human activity since content distribution is a commercial or legal interaction. Specifically, the exchange of content is used in business relationships because business relationships often required the exchange of ideas or information to make decisions. Claims recite “receive user specific data from the user […] store service response data based on output of processing the user specific data [….] receive and store…service response data from the user […] receive…response data […] transmit the…response data […] transmit the user specific data […] receive…response data” which are grouped within the “certain methods of organizing human activity.” The claims fall into abstract ideas in prong one of step 2A of the Alice/Mayo test because the claims are a commercial or legal interaction. See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019). Accordingly, the claims recite an abstract ideas (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
Additionally, the claims are directed towards cryptographic operations per the language of “single encrypted…data” and “double encrypted response data” which is the abstract idea of a mathematical concept. See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, at 52 (Jan. 7, 2019). Therefore, the claim is directed an abstract idea, as it has been held that a combination of abstract ideas, in this case organizing human activity and a mathematical concept, is still an abstract idea. See FairWarning IP, LLC v. Iatric Sys., Inc., 839 F.3d 1089, 1093–94 (Fed. Cir. 2016). With respect to the newly added language in the preamble discussing a cryptosystem and the “double encrypted service response data,” these further describe a mathematical concept.
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional elements of the claims such as processor, memory, a capturing device (newly added language), and processing module merely uses a computer as a tool to perform an abstract idea(s). Specifically, the processor, memory, and processing module performs the steps or functions of “receive user specific data from the user […] store service response data based on output of processing the user specific data [….] receive and store…service response data from the user […] receive…response data […] transmit the…response data […] transmit the user specific data […] receive…response data” as a tool to implement the abstract idea(s). This does not integrate the abstract idea(s) into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea(s). Operations do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea(s) to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea(s) with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea(s) in some other meaningful way beyond generally linking the use of the abstract ideas to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea(s), and the claims are directed to an abstract idea(s).
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 56 (January 7, 2019)), the additional elements using a “receive user specific data from the user […] store service response data based on output of processing the user specific data [….] receive and store…service response data from the user […] receive…response data […] transmit the…response data […] transmit the user specific data […] receive…response data” to perform the steps amounts to no more than using a computer or processor to automate and/or implement the abstract idea(s) of mathematical concepts and organizing human activity. As discussed above, taking the claim elements separately, the processor, memory, capturing device, and processing module performs the steps or functions of “receive user specific data from the user […] store service response data based on output of processing the user specific data [….] receive and store…service response data from the user […] receive…response data […] transmit the…response data […] transmit the user specific data […] receive…response data”. These functions correspond to the actions required to perform the abstract ideas. Viewed as a whole, the combination of elements recited in the claims merely recite the concept(s) of mathematical concepts and organizing human activity. Therefore, the use of these additional elements does no more than employ the computer to automate and/or implement the abstract ideas. The use of a computer or processor to merely automate and/or implement the abstract ideas cannot provide significantly more than the abstract ideas itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible.
Dependent claims 17-19 and 32 further describe the abstract ideas of organizing human activity and mathematical concepts. The dependent claims do not include additional elements that integrate the abstract ideas into a practical application or that provide significantly more than the abstract ideas. Therefore, the dependent claims are also not patent eligible.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a)  IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same,  and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.


The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 16-19 and 32 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 16 recites: “in response...control processing of the user specific data by a processing module....” The language of “control processing” is not found in the Spec., nor has Applicant outlined where the subject matter can be found. (MPEP 2163.) Further, the language of “processing module” cannot be found alongside the “control processing” language in the Spec.
Claim 17-19 and 32 are rejected under the same line of reasoning.
Claim 16 recites newly added language of “received the single encrypted service response data from the transmission management system” whereas previously filed claims recited that the data was from the “data consumer network device” directly. Only the language of “transmission management system” appears in the originally filed claims and does not appear in the body of the Spec. such as the Summary, Detailed Description, or the Drawings, wherein the Drawings refer to Fig. 1 Item 1 called a “transmission 1” according to PGPUB 0021. As such, the transmission management system does not have sufficient support for the newly added language. (MPEP 2161.01.)

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 16-19 and 32 are rejected under AIA  35 U.S.C. 103(a) as being unpatentable over Ginter et al. (US5892900) (“Ginter”) in view of Applied Cryptography by Schneier.
Regarding claim 16:
I. Ginter as a Whole
Ginter is drawn to at least a series of VDE nodes which are electronic appliances, see col. 177 & Fig. 41c (showing VDE nodes). In a genus, Ginter contemplates a series of at least three (3) VDE nodes which comprises a genus called METHOD. See Ginter at Fig. 41c Items 1000(A-C). It can be appreciated by a POSITA that the methods are based off a response/request methodology. See col. 177 (discussing reciprocal methods). As such, Ginter teaches language such as “in response to” and the like. Compare Fig. 41c Item “Request-1” (action) with “Response-1” (reaction).
More importantly, Ginter’s methods are non-limiting and Fig. 41c is merely by example. The very next figure of 41d contemplates a non-limiting species of said METHOD—specifically, BUDGET. See Fig. 41d Items 1510(A-C). Further still, the BUDGET method is one of many methods to be used. See, e.g., Fig. 45 (showing EVENT METHOD, METER METHOD, BILLING METHOD, and BUDGET METHOD), Fig. 46 (same), Fig. 47 (same), Fig. 48 (same); see also cols. 189-190 (listing methods).
As such, Ginter as a whole teaches a distributed system of VDE nodes with “flexible and highly modular [and] secure processing,” see Ginter at col. 187 ll. 49-67; see also Fig. 46 Item CONTROL method (controlling at least four (4) other methods). Therefore, based on the subsidiary facts of multiple methods in a flexible framework of VDE nodes with a flexible CONTROL method controlling multiple methods, it is can appreciated by a POSITA that Ginter teaches expressly but also teaches in an implicit manner as fill be mapped below. See MPEP 2144.01 (“[I]t is proper [to draw] inferences which one skilled in the art would reasonably be expected to draw therefrom”).


    PNG
    media_image1.png
    1394
    876
    media_image1.png
    Greyscale

Figure 1 reproduced from Fig. 41c (Examiner's annotations).
II. Ginter as teaching METHODs in VDE Nodes
Ginter teaches flexible METHODs in VDE nodes as follows:
An electronic secure peer-to-peer transmission system (Examiner is taking peer to peer in light of the Spec. In one embodiment Applicant contemplates a “central” P2P system. (Applicant’s PGPUB at 0029.) When looking at the claim language as a whole with the elements in the body of transmission management system, data consumer network device, and user network device, it is clear that Applicant’s claim language is limited to this embodiment of a P2P system. As such, Ginter teaches P2P (or the central P2P) with the general VDE nodes in Fig. 41c.) based upon a controlled...cryptographic key structure providing a closed cryptosystem (col. 207 ll. 55-67 “[T]he preferred embodiment is not dependent on any particular type of crypto system or encryption decryption algorithm(s)[.]” (Examiner’s emphasis.), col. 208 ll. 1-32 (discussing “electronic appliances 600” in encryption framework) (Note: When reading the Spec. as a whole, the Examiner is taking “closed cryptosystem” as confidential communication between peers of P2P system.) for secure content distribution (col. 287 ll. 45-67 (discussing distribution”), col. 288 ll. 14-21 (discussing “content”)) and processing within a provided, secured digital network environment (Note: See discussion on Content Highway infra.)2, comprising:
a transmission management system (Fig. 41c Item 600B);
a data consumer network device; (Fig. 41c Item 600C)
a user network device; and (Fig. 41c Item 600A)
a data transmission network communicatively connecting the transmission management system, the data consumer network device, and the user network device, wherein (Fig. 2 Item “Electronic Content Highway”) (Note: The Content Highway may be “LAN, WAN, two-way cable [and etc.]” See col. 168 (discussing communication means).)
the transmission management system (Fig. 41c Item 600B) comprises electronic circuits configured to:
(Note: VDE nodes may be “electronic appliance 600,” see col. 177. Accordingly, the appliance may have a combination of hardware/software, see col. 60 ll. 8-67)
receive user-specific data from the user network device (Fig. 41c Item 1452);
(Note: By example, the bottom VDE nodes may be a “Content use VDE node” according to Fig. 41d. Specifically, this node is a “content user 112,” see col. 278 ll. 59-55. Further still, the VDE node 112 utilizes the “use” processes to “open, read, write, and/or close the content object,” see col. 180 ll. 25-30. Accordingly, this teaches the claim language of “user-specific data.”) via the data transmission network (Note: See explanation on network supra.)
in response to a request for a service provided by the data consumer device (Note: Ginter contemplates proxy servers that make request on behalf of other devices, see col. 281 ll. 45-67. As such, when viewed in light of the contemplation of the generalized methods, Ginter meets this limitation as the DCND is nothing more than a device making requests on behalf of the user network device.) by the user network device (Note: See discussion supra. based on action-reaction.), control processing of the user-specific data (Fig. 46 Item “CONTROL METHOD 410”; col. 189 ll. 1-15.) (Note: The control method in Fig. 46 is a method that “may call, dispatch events, or otherwise invoke the other methods...,” see col. 189 ll. 1-10.) by a processing module that is provided by the data consumer network device (Note: Examiner is taking this language as instruction request. As such Ginter teaches via action/reaction supra.) to generate service respond data (Fig. 41c Item 1469) 
(Note: The claim language of “respond data” is meet since the methods of Ginter are based off a triggering process of reciprocal methods, see col. 177 45-67.); 
generate single-encrypted service response data by encrypting (Note: See explanation on reciprocal methods (i.e. action-reaction) supra. See explanation on cryptography infra.), using a first cryptographic key associated with the data consumer network device, the service response data (Fig. 41c Item 1469);
transmit the single-encrypted service response data (Note: Ginter contemplates in a preferred embodiment that PK systems3 is non-bulk encryption, see id. at col. 207 ll. 55-67. Each of the VDE nodes/Appliances encrypt/decrypt using hardware or software, see id. at col. 208 ll. 17-32. As such, “single-encrypted” data is taught as secure channels are established between all the VDE nodes. Further for PK systems, Ginter contemplates the distribution of public keys that are to be used by other PEEs, see id. at col. 210 (“[O]ne PPE 650 uses a public key generated by another PPE[.]”) (Examiner’s underlining.”). Further still, it is clear from Ginter that public keys are distributed between users which may be used to establish a secure channel, see id. at col. 266 ll. 20-39 (“Standard public key...techniques can be used***[to] ensure that each party has a means of making claims[.]”); see also col. 207 (discussing PK encryption background).) to the user network device; and (Fig. 41c Item 1469)
receive []encrypted service response data from the user network device (Fig. 41c Item 1452) (Note: Examiner submits that the content may be pass through a series of methods such as METER method, BILLING method, and BUDGET methods, see Fig. 45 (showing chronology of methods). Accordingly, Ginter meets the claim language of “receive []encryption service response data” since the user VDE 112 node is in continuous negotiations with at least the VDE 106 node, compare Fig. 41d Item 112 with Fig. 41d Item 106.) and store the received double-encrypted service response data (col. 150 ll. 43-67 (discussing METER and BUDGET data structures), col. 151 ll.36-67 (discussing data map)),
(Note: Examiner notes that the user node 112 interacting with the 106 node ultimately sends user data which may be associated with the METER or BUDGET methods, see col. 150 ll. 44-60. As such, the “store” language in the claim since the node 106 keeps track of user content usage using the map of the UDE 1200.)
the user network device comprises a second processor that is configured to execute computer program codes to:
(Note: See discussion on VDE node 112 supra.)
obtain the user-specific data that is measured or captured (Note: See discussion on “use” processes associated with user node supra.) by a capturing device associated with the user network device (col. 61 ll. 3-18 “600 in this example may include a keyboard or keypad 612, a voice recognizer***a ‘modem’ 618 or other telecommunications link [and etc.]”);
transmit the user-specific data to the transmission management system (Fig. 41c Item 1452);
receive the single-encrypted service response data from the transmission management system (Fig. 41c Item 1469) (Note: See discussion on Ginter’s PK system’s supra.)....
transmit the []encrypted service response data to the transmission management system (Note: See discussion on “continuous negotiations” supra. See discussion on “secure channels” for crypto supra.),
wherein the user network device or the transmission management system is further configured to provide the user network device the first cryptographic key (Note: Ginter teaches a public key that is signed, also called a certificate, see id. at col. 210 ll. 30-45 (“public-key certificate is someone’s public key ‘signed’”). Later, Ginter discloses that certificates “may be obtained externally,” see id. at col. 211 ll. 39-45. As such, Ginter teaches key distribution from a “VDE administrator” to “other VDE electronic applications.” Id.) after the transmission management system receives predetermined authorization parameters (Examiner is taking “authorization-parameters” as a genius whereas “payment transfer parameters” are as a species in light of PGPUB 0015. Examiner is taking this as data for authorization. Accordingly, Ginter teaches these limitation as parties A and B utilize signatures of key other to “validate[] the other party,” see Ginter at col. 226 ll. 20-40. Limitations “receive and store” since the keys are “[a]cquired,” see Ginter at col. 226 ll. 41-42. That is, the public key may be used to validate for example.) associated with the user network device.

Ginter does not teach:
...double-tier encrypting...
...with first cryptography key
generate the double-encrypted...data by encrypting, using a second cryptographic key...
wherein decryption of the double-encrypted service response data requires both the first cryptographic key and the second cryptographic key, and

III. Teachings of Schneier
Schneier teaches the remaining language. That is, all that remains is double key data, a distribution of keys to be used by a TMS, and the decryption of the double encrypted data. Schneider meets all the limitations with the Anonymous Key Distribution framework on page 91. Page 91 discloses a KDC (i.e. key distribution center) which can be best analogized with the TMS since the TMS receives the double encrypted data. Additionally, Schneider teaches double encryption and decryption thereof, wherein cryptography is utilized to distributed keys generated by others devices, see id. at p. 91 (“[P]eople cannot generated their own keys[.]”).

IV. Motivation
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filing date to modify the VDE nodes which utilizes nonlimiting cryptography and at least utilize VDE admin nodes for key distribution with the KDC of Schneier in order to keep private keys secret from interception. Schneier at p. 91 (discussing problems such as “sitting in the middle”).

Regarding claim 17 Ginter wholly teaches:
The electronic secure peer-to-peer transmission system according to claim 16, wherein the user network device comprises a mobile phone, a web browser, one or more telematics devices, or an apparatus that is configured to generate the user-specific data by capturing health, wellness, or home-related measuring parameters (Fig. 7 Item 600 (showing multiple appliances); col. 82 ll. 55-67, col. 83 ll. 1-3).

Regarding claim 18 Ginter teaches:
The electronic secure peer-to-peer transmission system according to claim 16, wherein
the processor of the user network device (Note: See discussion on “electronic appliance” supra.) is configured to receive and store payment transfer parameters (Note: Examiner is taking “payment transfer parameters” in light of PGPUB 0015 (“predefined authorization parameters”) as data used for authorization. Accordingly, Ginter teaches these limitation as parties A and B utilize signatures of key other to “validate[] the other party,” see Ginter at col. 226 ll. 20-40. Limitations “receive and store” since the keys are “[a]cquired,” see Ginter at col. 226 ll. 41-42. That is, the public key may be used to validate for example.) associated with accessibility of the first cryptographic key to the user network device, and (Note: A proposes to B and then B acks. As such, when using, in one embodiment of a “public key protocol,” see Ginter at col. 266 ll. 24-25, the corresponding private key may be used to validate claims by B from A or A from B.)
the transmission management system is configured to control transmission of the first cryptographic key to the user network device (Note: Ginter teaches a public key that is signed, also called a certificate, see id. at col. 210 ll. 30-45 (“public-key certificate is someone’s public key ‘signed’”). Later, Ginter discloses that certificates “may be obtained externally,” see id. at col. 211 ll. 39-45. As such, Ginter teaches key distribution from a “VDE administrator” to “other VDE electronic applications.” Id.) based on the payment transfer parameters stored in the user network device (Note: See explanation supra.).

Ginter does not teach:
...private key distribution (p. 91)...

Schneier teaches the remaining language. That is, all that remains is double key data, a distribution of keys to be used by a TMS, and the decryption of the double encrypted data. Schneider meets all the limitations with the Anonymous Key Distribution framework on page 91. Page 91 discloses a KDC (i.e. key distribution center) which can be best analogized with the TMS since the TMS receives the double encrypted data. Additionally, Schneider teaches double encryption and decryption thereof, wherein cryptography is utilized to distributed keys generated by others devices, see id. at p. 91 (“[P]eople cannot generated their own keys[.]”).


Regarding claim 19 Ginter teaches:
The electronic secure peer-to-peer transmission system according to claim 16, wherein the electronic circuits of the transmission management system (Note: See discussion on “electronic appliances” supra.) are configured to make the first cryptographic key to be accessible to the user network device (Note: Ginter teaches a public key that is signed, also called a certificate, see id. at col. 210 ll. 30-45 (“public-key certificate is someone’s public key ‘signed’”). Later, Ginter discloses that certificates “may be obtained externally,” see id. at col. 211 ll. 39-45. As such, Ginter teaches key distribution from a “VDE administrator” to “other VDE electronic applications.” Id.) in response to allowance parameters (Note: Under BRI in light of PGPUB 0015 and 0028, Examiner is taking “allowance parameters” as request. As such, Ginter meets this language with the action/reaction mapping supra.) triggered by the data consumer network device (Note: See discussion on action/reaction corresponding to Fig. 41c supra.).

Ginter does not teach:
...private key distribution (p. 91)...

Schneier teaches the remaining language. That is, all that remains is double key data, a distribution of keys to be used by a TMS, and the decryption of the double encrypted data. Schneider meets all the limitations with the Anonymous Key Distribution framework on page 91. Page 91 discloses a KDC (i.e. key distribution center) which can be best analogized with the TMS since the TMS receives the double encrypted data. Additionally, Schneider teaches double encryption and decryption thereof, wherein cryptography is utilized to distributed keys generated by others devices, see id. at p. 91 (“[P]eople cannot generated their own keys[.]”).

Regarding claim 32 Ginter teaches:
The electronic secure peer-to-peer transmission system according to claim 16, wherein
the single-encrypted service response data and the []encrypted service response data  (Fig. 41c Item 1452, 1469) are generated according to a public key cryptography (col. 207 ll. 15-67 (discussing PK)).

Ginter does not teach:
...double encrypted data (p. 91)...

Schneier teaches the remaining language. That is, all that remains is double key data, a distribution of keys to be used by a TMS, and the decryption of the double encrypted data. Schneider meets all the limitations with the Anonymous Key Distribution framework on page 91. Page 91 discloses a KDC (i.e. key distribution center) which can be best analogized with the TMS since the TMS receives the double encrypted data. Additionally, Schneider teaches double encryption and decryption thereof, wherein cryptography is utilized to distributed keys generated by others devices, see id. at p. 91 (“[P]eople cannot generated their own keys[.]”).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DENNIS G KERITSIS whose telephone number is (313)446-6591.  The examiner can normally be reached on Mon-Fri 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hayes John can be reached on (571) 272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/DENNIS G KERITSIS/Examiner, Art Unit 3685     

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685                                                                                                                                                                                                                                                                                                                                                                                                           


    
        
            
        
            
    

    
        1 Remarks (07/08/2021) are herein referred to as “Rm.”
        2 Examiner is saving space using cross-referencing for the mapping. As such, when Examiner cites infra or supra, a discussion has already been made below or above, respectively.
        3 PK systems is public key systems. See Ginter at col. 207 l. 19.