DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 03/04/2021. Claims 1-20 cancelled. Claims 21-41 newly added. Claims 21-41 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 17/096,564.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 21-41 are rejected under 35 U.S.C. 102(a) (1) as being anticipated by Debry (US6,314,521) filed in IDS (11/12/2020).
Regarding claims 21, and 32, Debry discloses a method of generating a unique and secure identity of a printing device during manufacturing of the printing device, the method comprising: [ Abstract, The system, method, and program of this invention provides a secure configuration of a digital certificate for a printer…], and [Col. 6 lines 18-20,  using a printer as a specific example, when a printer is manufactured, a unique data encryption key is built into the printer…], and [ see FIG.3 and corresponding text for more details, printer, printer manufacturing, digital certificate authority…], and [see Claims 2, and 4]; and
reading a unique printing device serial number associated with at least a component of the printing device while the printing device is being manufactured [Col. 6 lines 18-27, using a printer as a specific example, when a printer is manufactured, a unique data encryption key is built into the printer. The unique key and the corresponding model and serial number (or another unique identifier) of the printer are maintained in a secure, network (e.g., web) accessible database server. For example, such a secure database server may be maintained by each printer manufacturer. For example, IBM would have a web site storing the keys for all new printers that IBM built], and [see Claims 2, and 4]; and
sending the unique printing device serial number to a certificate authority while the printing device is being manufactured [Col. 6 lines 36-44, second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4]; and
 receiving from the certification authority a certificate that is unique to the printing device containing the unique printing device serial number while the printing device is being manufactured [Col.6 lines 52-60, Fourth, the server builds a digital certificate for the printer, registering itself as the certificate authority. The server then encrypts the content of the digital certificate with the certificate authority's private key, and sends it to the printer. Since the digital certificate is encrypted, it is safe to transmit. It should be noted that the content of the digital certificate conforms to the international standard, X.509, for digital certificates. As such, the digital certificate includes a new public/private key pair for the printer], and [see Claims 2, and 4]; and
and loading the certificate to the printing device while the printing device is being manufactured  [Col.6 lines 65-67-Col.7 lines1-3, Sixth, the printer decrypts the digital certificate using the certificate authority's public key, and stores it in nonvolatile memory in the printing system, and Consequently, whenever a printer is requested to authenticate itself, it can do so by using the newly-configured digital certificate], and [see Claims 2, and 4].
Regarding claims 22, and 33, Debry discloses wherein the unique printing device serial number is placed in a common name field of the certificate [Col.9 lines 15-20,  The certificate authority now generates a unique public/private encryption key pair for the printer and builds a digital certificate having the fields as shown in FIG. 1 including a distinguished name of the printer 11, the issuer's distinguished name 12, the public key 13, the issuer's digital signature 14, the validity period 15, and a serial number 16].
Regarding claims 23, and 34, Debry discloses, further comprising storing a key associated with the certificate into a secure memory portion of the printing device while the printing device is being manufactured [Abstract, the system, method, and program of this invention provides a secure configuration of a digital certificate for a printer.  The printer has a unique encryption key stored in it at manufacturing time.  This key is also recorded in a database, securely controlled by a certificate authority, and the key is associated with the printer by model and serial number… The database machine then creates the digital certificate and encrypts the certificate with the key from its database corresponding to that printer. The encryption key is a secret key only known by the printer and the database. The encrypted certificate is sent to the printer and stored in the printer for use in authenticating itself to others], and [Col.8 lines 17-28, when a printer is manufactured by a manufacturer 30, e.g., by IBM, the manufacturer gives each printer a serial number and a model number (or other unique identifier), and builds into each printer a unique encryption key, step 31. This key can be embodied in the printer hardware such as through mechanical or electrical switches or embodied in some persistent storage. For a secure embodiment, the key is embodied in such a way that it is tamper proof and not discernible. Its only use is by the printer controller 26 (FIG. 2) for encrypting a message that requests a digital certificate, or for decrypting the private key of the public/private key pair issued by the certificate authority.
Regarding claims 24, and 35, Debry discloses, wherein the unique printing device serial number includes at least one of a printing device serial number for the entire printing device being manufactured, a trusted platform module (TPM) serial number of a TPM of the printing device, a field programmable gate array (FPGA) serial number of a FPGA of the printing device [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4]; and
Regarding claims 25, and 36, Debry discloses, further comprising a client reading the unique printing device serial number associated with at least the component of the printing device while the printing device is being manufactured [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4]; and
Regarding claim 26, Debry discloses, wherein a client sends the unique printing device serial number to the certificate authority while the printing device is being manufactured [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4]; and
Regarding claims 27, and 37, Debry discloses, further comprising the certificate authority generating the certificate that is unique to the printing device containing the unique printing device serial number while the printing device is being manufactured [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4], and [Col.9 lines 15-20,  The certificate authority now generates a unique public/private encryption key pair for the printer and builds a digital certificate having the fields as shown in FIG. 1 including a distinguished name of the printer 11, the issuer's distinguished name 12, the public key 13, the issuer's digital signature 14, the validity period 15, and a serial number 16].
Regarding claims 28, and 38, Debry discloses, wherein the certificate authority generates the certificate based on the unique printing device serial number while the printing device is being manufactured [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4], and [Col.9 lines 15-20,  The certificate authority now generates a unique public/private encryption key pair for the printer and builds a digital certificate having the fields as shown in FIG. 1 including a distinguished name of the printer 11, the issuer's distinguished name 12, the public key 13, the issuer's digital signature 14, the validity period 15, and a serial number 16].
Regarding claims 29, and 39, Debry discloses, wherein the certificate loaded to the printing device being manufactured is configured to allow at least one of. performing an authentication of the printing device being manufactured by a cloud server/service; performing an authentication of the printing device being manufactured by a printer client using a printer protocol of the printing device being manufactured; performing an authentication of signed firmware for one of an upgrade and a downgrade; performing an authentication of a print manager; performing an authentication of a modular device security; performing an authentication of a configuration setting of the printing device being manufactured; performing an authentication of a source of a print job and/or a source of configuration data; performing an authentication of a secure and/or measured boot of the printing device being manufactured; performing a Secure Sockets Layer/Transport Layer Security (SSL/TLS) authentication; performing an authentication modular device security; providing dual authentication; performing an authentication key and certificate storage; performing authenticate file system encryption; and performing an authentication of payload encryption[Col.6 lines 65-67-Col.7 lines1-3, Sixth, the printer decrypts the digital certificate using the certificate authority's public key, and stores it in nonvolatile memory in the printing system, and Consequently, whenever a printer is requested to authenticate itself, it can do so by using the newly-configured digital certificate], and [see Claims 2, and 4]. 
Regarding claims 30, and 40, Debry discloses, wherein receiving from the certification authority the certificate that is unique to the printing device includes receiving the certificate directly from the certificate authority while the printing device is being manufactured [Col.8 lines 45-52, when an administrator installs a printer, and connects it into a network, the administrator will instruct the printer to get its digital certificate. Through the interface 24 (FIG. 2), i.e., the operator console, to the printer's computer, i.e., the system controller 26 (FIG. 2), the administrator causes the printer to initiate a session over the network 61 with the server 50, 40 having the digital certificate authority 50 and the database 401], and [Col.6 lines 36-43, Second, the printer sends a two-part message to the server. The first part of the message contains the printer model and serial number, the printer's network address (e.g., IP address), and a request for a digital certificate. This first part of the message is encrypted with the encryption key built into the printer. The second part of the message contains the same data (information) as the first part, but the second part of the message is sent in the clear], and [see Claims 2, and 4], and [Col.9 lines 15-20,  The certificate authority now generates a unique public/private encryption key pair for the printer and builds a digital certificate having the fields as shown in FIG. 1 including a distinguished name of the printer 11, the issuer's distinguished name 12, the public key 13, the issuer's digital signature 14, the validity period 15, and a serial number 16].

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 31, and 41 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. (US6,314,521) issued to Derby filed in IDS (11/12/2020) and in view of US Patent No. (US2013/0067543) issued to Takeda.

Regarding claims 31, and 41,  Derby does not explicitly disclose, however, Takeda discloses  wherein receiving from the certification authority the certificate that is unique to the printing device includes receiving the certificate indirectly from the certificate authority via a client while the printing device is being manufactured [¶77, Referring to FIG. 6, a printer having a certificate issued from an official certificate authority indicates a printer which performs SSL communication using the certificate issued by an official certificate authority. If the printer stores a certificate issued from an official certificate authority, the client can perform verification using the CA certificate stored therein, and it becomes unnecessary for the authentication server to verify the certificate. Such a printer is thus referred to by the above-described name regardless of the printer being certificate verification system-compatible or certificate verification system-incompatible. Further, the certificate stored in the printer having a certificate issued from an official certificate authority may be a certificate issued by an independent authentication authority built in the network environment. It is thus assumed that the printer having a certificate issued from an official certificate authority stores the certificate issued by a public or a private authentication authority].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Derby with the teaching of Takeda in order to perform secure printing on a printer via a network by a printer having a certificate issued from an official certificate authority [Takeda, ¶¶ 2, 77].
Conclusion


The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Shima (US2007/0076253) [ Method of Printing Over A Network].
Kia (2003/0095729) [ [0361] When the printer connects to the netpage network for the first time after installation, it creates a signature public/private key pair. It transmits the secret ID and the public key securely to the netpage registration server. The server compares the secret ID against the printer's secret ID recorded in its database, and accepts the registration if the IDs match. It then creates and signs a certificate containing the printer's public ID and public signature key, and stores the certificate in the registration database].

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/             Examiner, Art Unit 2496