Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

DETAILED ACTION
This is in response to applicant’s amendment filed on 10/26/2021 to Application #16537651 filed on 08/12/2019 in which Claims 1-20 are presented for examination.

Status of Claims
Claims 1-20 are pending, of which Claims 1, 5-8, 12-15, 19-20 are rejected under 35 U.S.C. 103.  Claims 2-4, 9-11, 16-18 are objected to as being allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described below.

Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

(s) 1, 5-6, 8, 12-13, 15, 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over KENT US Patent Application Publication 2017/0279785 in view of KENT US Patent Application Publication 2017/0279618 and further in view of VANGARA et al. US Patent Application Publication No. 2015/0350195.

Regarding Claim 1, KENT 9785 discloses:
A system, comprising: a computing device comprising a processor and a memory: machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least [(KENT 9785 Par 25 Lines 1-16) where KENT 9785 teaches a computer apparatus with instructions stored in memory and executed by a processor]:
send a request to a certificate authority for a signing certificate [(KENT 9785 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 43 Lines 17-19) where KENT 9785 teaches the sending of a request to a certificate authority for a X.509 digital signing certificate];
receive the signing certificate from the certificate authority [(KENT 9785 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 43 Lines 19-27) where KENT 9785 teaches the receiving of a X.509 digital signing certificate from the certificate authority];
store the signing certificate in the memory [(KENT 9785 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 30 Lines 7-11; Par 43 Lines 1-6, 17-27) where KENT 9785 teaches the storing of the X.509 digital signing certificate received from the certificate authority into a storage memory];


receive a file from a client application executed by the processor of the computing device; sign the file with the signing certificate to create a signed file; and return the signed file to the client application, that the file is a signed file
insert a unique identifier for the signing certificate into the file

However, KENT 9618 discloses:
receive a file from a client application executed by the processor of the computing device; sign the file with the signing certificate to create a signed file; and return the signed file to the client application, that the file is a signed file [(KENT 9618 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 44 Lines 8-13) where KENT 9618 teaches that a Certificate User or Client signs a document/file or a portion of a document/file with a public/private key pair contained within an x.509 signing certificate that the certificate user has received from a Certificate Requester, obviously requiring the processor of the Certificate User or Client to retrieve a document/file to be signed utilizing a User or Client application executing on the Certificate User or Client’s processor, sign the document/file with the appropriate key in the x.509 signing certificate, and return the signed document/file to control of the User or Client application].

KENT 9785 and KENT 9618 are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of KENT 9785 and the teachings of KENT 9618 by providing a Certificate User or Client signing a document/file or a portion of a document/file with a public/private key pair contained within an x.509 signing certificate that the certificate user has received from a Certificate Requester, obviously requiring the processor of the Certificate User or Client to retrieve a document/file to be signed utilizing a User or Client application executing on the Certificate User or Client’s processor, sign the document/file with the appropriate key in the x.509 signing certificate, and return the signed document/file to control of the User or Client application as taught by KENT 9618 in the teaching described by KENT 9785.
The motivation for doing so would be to increase the usability and flexibility of KENT 9785 by providing a Certificate User or Client signing a document/file or a portion of a document/file with a public/private key pair contained within an x.509 signing certificate that the certificate user has received from a Certificate Requester, obviously requiring the processor of the Certificate User or Client to retrieve a document/file to be signed utilizing a User or Client application executing on the Certificate User or Client’s processor, sign the document/file with the appropriate key in the x.509 signing certificate, and return the signed document/file to control of the User or Client application as taught by KENT 9618 in the teaching described by KENT 9785 so as to provide industry standard signing security functionality to items like a document/file to guarantee to a recipient of the document/file the identity of the sender.

The combination of KENT 9785 and KENT 9618 does not appear to explicitly disclose:
insert a unique identifier for the signing certificate into the file

However, VANGARA et al. discloses:
insert a unique identifier for the signing certificate into the file
 [(VANGARA et al. Claim 15 Lines 8-11) where VANGARA et al. teaches a signing or self-signing certificate has a unique identifier inserted that identifies an owner of a process, and that the signing or self-signing certificate which includes the unique identifier that identifies the owner of the process is also inserted into a file for storage].

KENT 9785, KENT 9618, and VANGARA et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of KENT 9785 and KENT 9618 and the teachings of VANGARA et al. by providing a signing or self-signing certificate which has a unique identifier inserted that identifies an owner of a process, and that the signing or self-signing certificate which includes the unique identifier that identifies the owner of the process is also inserted into a file for storage as taught by VANGARA et al. in the teaching described by KENT 9785 and KENT 9618.
The motivation for doing so would be to increase the usability and flexibility of KENT 9785 and KENT 9618 by providing a signing or self-signing certificate which has a unique identifier inserted that identifies an owner of a process, and that the signing or self-signing certificate which includes the unique identifier that identifies the owner of the process is also inserted into a file for storage as taught by VANGARA et al. in the teaching described by KENT 9785 and KENT 9618 so as to provide a certificate identifier for a signing certificate.

Regarding Claim 5, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of KENT 9785, KENT 9618 and VANGARA et al. discloses:
The system of claim 1, wherein the machine readable instructions further cause the computing device to at least:
determine that the signing certificate is absent from the memory of the computing device; and the request to the certificate authority is sent in response to a determination that the signing certificate is absent from the memory of the computing device [(KENT 9785 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 30 Lines 7-11; Par 43 Lines 1-6, 17-27) where KENT 9785 teaches the creation of queues in a storage memory by a Certificate Requester for storing X.509 digital signing certificates, since the Certificate Requester has just created the storage queues, the Certificate Requester knows that the storage queues are empty and are absent of any X.509 digital signing certificates, as a result, the Certificate Requester requests and receives X.509 digital signing certificates from a Certificate Authority].

Regarding Claim 6, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of KENT 9785, KENT 9618 and VANGARA et al. discloses:
The system of claim 1, wherein the machine readable instructions further cause the computing device to at least:
 convert the file from a first file type into a second file type: and the file is signed to generate the signed file in response to a conversion of the file from the first file type into the second file type [(KENT 9618 Par 1 Lines 1-3; Par 27 Lines 10-12; Par 44 Lines 8-13) where KENT 9618 teaches that a fist file type of a document/file is converted to a second file type of a portion of the document/file and then signed in response to the conversion].

Regarding Claim 8:
It is a method claim corresponding to the system claim of claim 1.  Therefore, claim 8 is rejected with the same rationale as applied against claim 1 above.

Regarding Claim 12:
It is a method claim corresponding to the system claim of claim 5.  Therefore, claim 12 is rejected with the same rationale as applied against claim 5 above.

Regarding Claim 13:
It is a method claim corresponding to the system claim of claim 6.  Therefore, claim 13 is rejected with the same rationale as applied against claim 6 above.

Regarding Claim 15:
It is a medium claim corresponding to the system claim of claim 1.  Therefore, claim 15 is rejected with the same rationale as applied against claim 1 above.

Regarding Claim 19:
It is a medium claim corresponding to the system claim of claim 5.  Therefore, claim 19 is rejected with the same rationale as applied against claim 5 above.

Regarding Claim 20:
It is a medium claim corresponding to the system claim of claim 6.  Therefore, claim 20 is rejected with the same rationale as applied against claim 6 above.

Claim(s) 7, 14 are rejected under 35 U.S.C. 103 as being unpatentable over KENT US Patent Application Publication 2017/0279785 in view of KENT US Patent Application Publication 2017/0279618 and further in view of VANGARA et al. US Patent Application Publication No. 2015/0350195 and further in view of Hayes et al. US Patent No. 9,736,145.

Regarding Claim 7, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of KENT 9785, KENT 9618, and VANGARA et al. discloses:
The system of claim 1,

The combination of KENT 9785, KENT 9618, and VANGARA et al. does not appear to explicitly disclose:
wherein the signing certificate is derived from a user account credential.

However, Hayes et al. discloses:
wherein the signing certificate is derived from a user account credential. [(Hayes et al. Col 2 Lines 44-45, 50-51) where Hayes et al. teaches that a x.509 signing certificate is derived from a user identifier or user account credential].

KENT 9785, KENT 9618, and VANGARA et al, and Hayes et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of KENT 9785, KENT 9618, and VANGARA et al., and the teachings of Hayes et al. by providing a x.509 signing certificate that is derived from a user identifier or user account credential as taught by Hayes et al. in the teaching described by KENT 9785, KENT 9618, and VANGARA et al.
The motivation for doing so would be to increase the usability and flexibility of KENT 9785, KENT 9618, and VANGARA et al., and Hayes et al. by providing a x.509 signing certificate that is derived from a user identifier or user account credential as taught by Hayes in the teaching described by KENT 9785, KENT 9618, and VANGARA et al. so as provide additional security strength by basing a x.509 signing certificate on user account credentials.

Regarding Claim 14:
It is a method claim corresponding to the system claim of claim 7.  Therefore, claim 14 is rejected with the same rationale as applied against claim 7 above.

Allowable Subject Matter
Claims 2-4, 9-11, 16-18 are objected to as being dependent upon a rejected base claim, but would be allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described above.

The following is a statement of reasons for the indication of allowable subject matter.  The examiner has found that the prior art of record does not teach, suggest, or render obvious:
wherein the machine readable instructions farther cause the computing device to at least: request a first authentication credential from the client application in response to receipt of the file, receive the first authentication credential from the client application, verify that the first authentication credential matches a second authentication credential associated with the signing certificate, and wherein the machine readable instructions cause the computing device to sign the file with the signing certificate in response to a verification that the first authentication credential matches the second authentication credential, requesting a first authentication credential from the client application in response to receipt of the file: receiving the first authentication credential from the client application, verifying that the first authentication credential matches a second authentication credential associated with the signing certificate, and wherein signing certificate occurs in response to verifying that the first authentication credential matches the second authentication credential, request a first authentication credential from the client application in response to receipt of the file, receive the first authentication credential from the client application, verify that the first authentication credential matches a second authentication credential associated with the signing certificate, and wherein the machine readable instructions cause the computing device to sien the file with the signing certificate in response to a verification that the first authentication credential matches the second authentication credential

As recited in dependent Claims 2-4, 9-11, 16-18 when also incorporating all of the limitations of the base claim and any intervening claims as well as addressing any additional issues described above.

Response to Arguments
Applicant’s arguments filed 10/26/2021 have been fully considered but are not fully persuasive.

On Page 10 of Applicant’s arguments applicant states that it is believed that all objections to the Claims have been resolved by the Claim amendments.
The examiner agrees and removes the objections to the Claims.

On Pages 10-11 of the Applicant’s Response, applicant argues that the combination of KENT 9785 and KENT 9618 in the rejection of Claim 1, and similarly of Claims 8, 15 does not teach: “insert a unique identifier for the signing certificate into the signed file”.
The examiner agrees, and has added an additional prior art, VANGARA et al., to reject this newly added claim limitation.

So in this case, as a result, 35 U.S.C. 103 rejections are maintained on Independent Claims 1, 8, 15.

Since 35 U.S.C. 103 rejections are maintained on Independent Claims 1, 8, 15, they are also maintained on dependent Claims 5-7, 12-13, 19-20 which are not object allowed to.

Therefore 35 U.S.C. 103 rejections are maintained on Claims 1, 5-8, 12-15, 19-20 of the Instant Application.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Kent - US_20170279607_A1_I: Kent teaches queueing constructs for x.509 certificates.
Kent - US_20170279784_A1_I: Kent teaches the issuance of synchronized public x.509 certificates.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571) 272- 8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498