Remarks
Claims 1-10 and 12-23 are pending.  
Claims 1-8 and 16-23 remain withdrawn from consideration.  
Claims 9, 10, and 12-15 are rejected below.  

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments with respect to claims 9, 10, and 12-15 have been considered but are moot in view of the new ground(s) of rejection provided below.  

Claim Objections
Claim 10 is objected to because of the following informalities:  Claim 10 states “wherein the the public key” which should apparently only include 1 instance of the word “the”.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 9, 10, and 12-15 are rejected under 35 U.S.C. 103 as being unpatentable over Yacoub (U.S. Patent Application Publication 2016/0205106) in view of Speede (U.S. Patent Application Publication 2019/0028832).
Regarding Claim 9,
Yacoub discloses a computer implemented method comprising:
Receiving, by a third party server from an organization, one or more rules governing authentication of messages transmitted from a named entity device that is associated with the organization, the named entity device being an IoT device, the organization having a namespace, the third party server delegated by the organization for managing a delegated namespace of the organization, the delegated namespace being a section of the namespace (Exemplary Citations: for example, Abstract, Paragraphs 33, 35-38, 40-47, 49-71, 73-81, and associated figures; receiving any rules, such as containers, hierarchies, account information, DNS records, DANE records, public keys, certificates, subgroups, user information, feed information, or any other information, where the system manages the namespace of the organization (e.g., the DNS for the URL/domain), for example);
Storing, in the delegated namespace, an identity record of the named entity device, the identity record comprising a unique device identifier of the named entity device, the unique identifier being distinct from IP address and having a format that is under the namespace of the organization, one or more contextual conditions of the named entity device, and a public key of the named entity device, the public key being associated with the unique device identifier in the identity record, the public key corresponding to a private key of the named entity device that is secretly kept by the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 33, 38, 40, 42-47, 49-52, 56, 69-71, and associated figures; DNS stores records with unique device names (e.g., thermometer1.example.iot.vrns.com), associated public keys, and contextual conditions, which may be any of the other data within the records, as examples.  The private key is held by the IoT device secretly, for example, as seen in paragraph 49, for example);
Receiving, by the third party server, an authentication query from a recipient IoT device that attempts to authenticate a message transmitted from a transmitter IoT device purportedly associated with the unique device identifier belonging to the named entity device, the message comprising a digital signature signed by the private key of the named entity device, the signature comprising the unique device identifier and a timestamp at which the message was transmitted, the authentication query from the recipient IoT device including the digital signature in the message and contextual metadata of the transmitter IoT device, wherein the authentication query that includes the contextual metadata and the digital signature is directed at the delegated namespace of the organization (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; message with ID, timestamp, body, and signature on the above, for example, where the message is to be authenticated and was received by the recipient IoT device and then the verification took place, for example);
Verifying, by the third party server, the unique device identifier of the named entity device to confirm that the unique device identifier is under the namespace of the organization (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; DNS lookup with ID, for example);
Examining, by the third party server, the contextual metadata and the digital signature using at least one of the rules provided by the organization for authenticating the message, at least one of the rules comprising using the unique device identifier to retrieve the public key stored in the identity record to verify the digital signature and the timestamp (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; getting public key from DNS, verifying signature that is on everything in message, including contextual metadata (e.g., temperature or other values), for example);
Determine, by the third party server and based on the unique device identifier and the one or more rules specified by the organization, a response to the authentication query (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; signature is verified, for example); and
Transmitting, by the third party server, the response to the message recipient, the response verifying the one or more contextual conditions of the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; sending recipient a verified (and possibly newly-signed) message after authentication thereof, for example);
But does not explicitly disclose that the one or more contextual conditions comprise an authorized geographical location of the named entity device, that the authentication query is from a recipient IoT device, that the contextual metadata comprises geographical information associated with a location associated with the message, and that examining comprises comparing the location associated with the message against the authorized geographical location of the named entity device.  
Speede, however, discloses the one or more contextual conditions comprising an authorized geographical location of the named entity device, the named entity device being an IoT device (Exemplary Citations: for example, Abstract, Paragraphs 21, 26-32, 34, 35, 37, 39-45, 49-63, 68-71, and associated figures; metadata including geographic fence related to an IoT device, for example);
The contextual metadata comprising geographical information associated with a location associated with the message (Exemplary Citations: for example, Abstract, Paragraphs 21, 26-32, 34, 35, 37, 39-45, 49-63, 68-71, and associated figures; current location inside or outside geofence, for example); and
That examining comprises comparing the location associated with the message against the authorized geographical location of the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 21, 26-32, 34, 35, 37, 39-45, 49-63, 68-71, and associated figures; comparing geofence and location, for example); and
The response verifying the authorized geographical location of the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 21, 26-32, 34, 35, 37, 39-45, 49-63, 68-71, and associated figures; metadata/amended metadata including geofence information, for example).  It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the geofencing techniques of Speede into the Internet of Things system of Yacoub in order to allow senders to control which geographical locations receivers may access data from, inform the sender if the receiver roams outside of a geofence, provide complete control to creators/owners, and/or to increase security in the system.  
Regarding Claim 10,
Yacoub as modified by Speede discloses the method of claim 9, in addition, Yacoub discloses that the public key of the named entity device is part of credential of the named entity device, the public key capable of authenticating the digital signature signed by the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; DNS record with public key, device ID, verifying signature, etc., as examples).  
Regarding Claim 12,
Yacoub as modified by Speede discloses the method of claim 10, in addition, Yacoub discloses that determining the response to the authentication query comprises retrieving the credential of the named entity device from a DNS address specified in the unique device identifier of the named entity device (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; getting public key and/or other data from DNS record using ID, for example);
Using the credential to verify attested metadata of the named entity device that is included in the message (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; verifying signature and/or other data, for example);
Responsive to a successful verification, determining that the message is authenticated, wherein the response comprises an indication that the third part server has determined that the message is authenticated (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures; response indicating message authenticity, for example).  
Regarding Claim 13,
Yacoub as modified by Speede discloses the method of claim 9, in addition, Yacoub discloses that the namespace is a DNS (Exemplary Citations: for example, Abstract, Paragraphs 33, 35-38, 40-47, 49-71, 73-81, and associated figures).  
Regarding Claim 14,
Yacoub as modified by Speede discloses the method of claim 9, in addition, Yacoub discloses that the unique device identifier is an address in the DNS and the response to the authentication query comprises the public key of the named entity device, the public key being stored at the address (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures).  
Regarding Claim 15,
Yacoub as modified by Speede discloses the method of claim 9, in addition, Yacoub discloses that the transmitter IoT device is an IoT sensor whose public key is stored in the DNS (Exemplary Citations: for example, Abstract, Paragraphs 46, 47, 49-53, 59, 69-71, 80, and associated figures).  

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jeffrey D Popham whose telephone number is (571)272-7215. The examiner can normally be reached Monday through Friday 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Jeffrey D. Popham/Primary Examiner, Art Unit 2432