DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Status of Claims
The following claim(s) is/are pending in this office action: 1, 3-15, 17-20, 22
The following claim(s) is/are amended: 1, 18-20
The following claim(s) is/are new: -
The following claim(s) is/are cancelled: 2, 16, 21
Claim(s) 1, 3-15, 17-20, 22 is/are rejected. This rejection is FINAL.


Previous Rejections Withdrawn
The 35 USC 101 rejection to claim(s) 20 is/are withdrawn based on the amendment.


Response to Arguments
Applicant’s arguments filed in the amendment filed 7/20/2022, have been fully considered but are moot in view of new grounds of rejection. The reasons set forth below.



Applicant’s Invention as Claimed
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim(s) 18-19 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. Applicant asserts that Claims 18-19 are similar in scope to Claim 1. Examiner finds Claims 18-19 to contain a large amount of intended use that renders them significantly different from Claim 1. The disagreement requires a resolution on the record as to the definite scope of Claims 18-19.


Claim Rejections - 35 USC § 103
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-8, 11-15, 17-20 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Rescorla (Rescorla, E., RFC 8446, “The Transport Layer Security (TLS) Protocol Version 1.3”, Internet Engineering Task Force, August 2018) in view of Ocak (WO 2017/131564 A1).
With respect to Claim 1, Rescorla teaches a machine-implemented method for operating a configuration server in communication with a client electronic device, comprising: receiving a handshake initiation message from said client electronic device specifying a registration at a specified server; (The device setup and registration will be taught later. Section 4; handshake protocol. Section 4.1.2; client hello when client first connects to a server.)
receiving, from the client electronic device, a first enumeration of client features supported; (pg. 12 and Section 4.2.1; client includes supported versions of the protocol and cipher options supported by the client.)
responsive to detecting a stored client provisioning configuration for said client electronic device; responsive to detecting no stored client provisioning configuration for said client electronic device, (Storing client provisioning configurations will be taught later. Section 4.1.2, 4.1.3; Server tracks TLS and has different rules for renegotiation including not allowing renegotiation of TLS 1.3. Section 8.2; server records client hellos and rejects duplicates. See also Ocak, pg. 10, lns. 1-7)
retrieving, from the specified server, a second enumeration of server features supported; performing a comparison between said first and said second enumeration to detect a match between said client features supported and said server features supported; (Section 4.1.4; Server reports supported versions and extension values. pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports. See also Ocak, pg. 8, lns. 13-31; to avoid having the client handshake twice the bootstrap server handshakes with the specified server in place of the client, which suggests the retrieval of the specified server features so that both the client and the server have available features.)
But Rescorla does not explicitly teach sending a provisioning message comprising said client provisioning configuration to said client electronic device.
Ocak, however, does teach said client electronic device specifying a registration at a specified server; (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters. The boostrap server is a configuration server and the LWM2M server is a specified server. Pg. 7, ln. 29 to pg. 8, ln. 12; when LWM2M needs to register with server, it needs to be boostrapped by the bootstrap server.)
retrieving said client provisioning configuration and sending a provisioning message comprising said client provisioning configuration to said client electronic device (pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, Section 4.1.3; server communicates selected options to client.)
responsive to detecting said match, creating a client provisioning configuration; (pg. 8, lns. 13-31; to avoid requiring the client to handshake with another server, the boostrap server negotiates on behalf of the client. pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports.)
storing said client provisioning configuration in a configuration store; (pg. 10, lns. 1-7; when the bootstrap server knows the client identity in advance, it can perform the handshake with the server before the client even wakes up. Therefore, it would have been obvious to one of ordinary skill prior to the effective filing date to store any of the client or server supported features or the session data in order to allow for quicker connections to other devices or to more quickly refresh the current communication.)
and, sending a provisioning message comprising said client provisioning configuration to said client electronic device. (pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, Section 4.1.3; server communicates selected options to client.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Rescorla with the sending of a client provisioning configuration to the client so that the client does not have to handshake with both the bootstrap and the specified server to reduce power consumption and make registration as efficient as possible. (Ocak, pg. 1, ln. 24 to pg. 2 ln. 5)

With respect to Claim 3, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said receiving, from the client electronic device, a first enumeration of client features supported comprising receiving an enumeration of shared key signature algorithms supported. (pg. 12 and Section 4.2.8; Client Hello extension includes key shares available in an order of preference.)

With respect to Claim 4, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said retrieving, from the specified server, said second enumeration of server features supported comprising retrieving an enumeration of shared key signature algorithms supported. (pg. 12 and Section 4.2.8; Client Hello extension includes key shares available in an order of preference. Client can send an empty client_shares vector to request server’s supported versions. Section. 4.1.4; server reports supported extension values.)

With respect to Claim 5, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said receiving, from the client electronic device, said first enumeration of client features supported comprising receiving an enumeration of zero round trip time resumption (O-RTT) features supported. (pg. 8, and Section 2.3, Fig. 4 and Section 4.2.10; client hello includes 0-RTT data including a pre shared key.)

With respect to Claim 6, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said retrieving, from the specified server, said second enumeration of server features supported comprising retrieving an enumeration of zero round trip time resumption (O-RTT) features supported. (pg. 8, and Section 2.3, Fig. 4 and Section 4.2.10; server hello includes 0-RTT data or may reject 0-RTT. Server may ignore 0-RTT and return a 1-RTT response.)

With respect to Claim 7, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said receiving, from the client electronic device, said first enumeration of client features supported comprising receiving an enumeration of replay protection features supported. (Section 8; system provides for anti-replay protection, see Sections 8.1-8.3. Section E.2; non-replayability is achieved by each side maintaining an independent sequence number. Further, because 0-RTT and 1-RTT have different replay protections (see pg. 19), whether the devices support 0-RTT is an enumeration of replay protection features supported. See pg. 8, and Section 2.3, Fig. 4 and Section 4.2.10; 0-RTT.)

With respect to Claim 8, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said retrieving, from the specified server, said second enumeration of server features supported comprising retrieving an enumeration of replay protection features supported. (Section 8; system provides for anti-replay protection, see Sections 8.1-8.3. Section E.2; non-replayability is achieved by each side maintaining an independent sequence number. Further, because 0-RTT and 1-RTT have different replay protections (see pg. 19), whether the devices support 0-RTT is an enumeration of replay protection features supported. See pg. 8, and Section 2.3, Fig. 4 and Section 4.2.10; 0-RTT.)

With respect to Claim 11, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said receiving, from the client electronic device, said first enumeration of client features supported comprising receiving an indication of post-handshake authentication features supported. (Section 4.2.6 and 4.6.2; client offers to engage in Post-Handshake authentication.)

With respect to Claim 12, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said retrieving, from the specified server, said second enumeration of server features supported comprising retrieving an indication of post-handshake authentication features supported. (Section 4.2.6 and 4.6.2; server may engage in Post-Handshake authentication.)

With respect to Claim 13, modified Rescorla teaches the machine-implemented method of claim 1, and Ocak also teaches said client electronic device comprising an LwM2M client. (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters.)
The same motivation to combine as the parent claim applies here.

With respect to Claim 14, modified Rescorla teaches the machine-implemented method of claim 1, and Ocak also teaches said specified server comprising an LwM2M server. (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters.)
The same motivation to combine as the parent claim applies here.

With respect to Claim 15, modified Rescorla teaches the machine-implemented method of claim 1, and Ocak also teaches said configuration server comprising an LwM2M server. (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters.)
The same motivation to combine as the parent claim applies here.

With respect to Claim 17, modified Rescorla teaches the machine-implemented method of claim 1, and Rescorla also teaches said configuration store comprising a database. (Section 8.1; database)

With respect to Claim 18, Rescorla teaches a machine-implemented method for operating a client electronic device in communication with a configuration server, comprising: sending a handshake initiation message from said client electronic device to said configuration server (The device setup and registration will be taught later. Section 4; handshake protocol. Section 4.1.2; client hello when client first connects to a server.)
sending, from the client electronic device to said configuration server, a first enumeration of client features supported  (pg. 12 and Section 4.2.1; client includes supported versions of the protocol and cipher options supported by the client.)
for detecting a match between said features and server features supported by said specified server; based on a match between said first enumeration of client features support and server features supported (Examiner asserts this is nonfunctional descriptive material not subject to patentable weight. Regardless, Examiner cites Section 4.1.4; Server reports supported versions and extension values. pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports. See also Ocak, pg. 8, lns. 13-31; to avoid having the client handshake twice the bootstrap server handshakes with the specified server in place of the client, which suggests the retrieval of the specified server features so that both the client and the server have available features.)
But Rescorla does not explicitly teach receiving, from said configuration server, said client provisioning configuration.
Ocak, however, does teach specifying a registration at a specified server; (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters. The boostrap server is a configuration server and the LWM2M server is a specified server. Pg. 7, ln. 29 to pg. 8, ln. 12; when LWM2M needs to register with server, it needs to be boostrapped by the bootstrap server.)
and creating a client provisioning configuration; (Examiner asserts this is nonfunctional descriptive material not subject to patentable weight. Regardless, Examiner cites pg. 8, lns. 13-31; to avoid requiring the client to handshake with another server, the boostrap server negotiates on behalf of the client. pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports.)
receiving, from said configuration server, a new or previously-stored client provisioning configuration; (pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, Section 4.1.3; server communicates selected options to client. For storage see Ocak, pg. 10, lns. 1-7; when the bootstrap server knows the client identity in advance, it can perform the handshake with the server before the client even wakes up. Therefore, it would have been obvious to one of ordinary skill prior to the effective filing date to store any of the client or server supported features or the session data in order to allow for quicker connections to other devices or to more quickly refresh the current communication.)
and, configuring said client electronic device in accordance with said client provisioning configuration. (pg. 6, ln. 31 to pg. 7, ln. 3 and pg. 10, lns. 13-30; bootstrap server configures the client.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Rescorla with the sending of a client provisioning configuration to the client so that the client does not have to handshake with both the bootstrap and the specified server to reduce power consumption and make registration as efficient as possible. (Ocak, pg. 1, ln. 24 to pg. 2 ln. 5)

With respect to Claim 19, Rescorla teaches a machine-implemented method for operating a server in communication with a configuration server, comprising: receiving a request message from said configuration server indicating receipt of a handshake initiation message from a client electronic device specifying a registration at said server; (The device setup and registration will be taught later. Section 4; handshake protocol. Section 4.1.2; client hello when client first connects to a server.)
creating an enumeration enumerating features supported by said server for comparison to detect a match between client features supported and server features supported; and, sending a message comprising said enumeration to said configuration server (Section 4.1.4; Server reports supported versions and extension values. pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports. See also Ocak, pg. 8, lns. 13-31; to avoid having the client handshake twice the bootstrap server handshakes with the specified server in place of the client, which suggests the retrieval of the specified server features so that both the client and the server have available features.)
But Rescorla does not explicitly teach from a client electronic device specifying a registration at said server.
Ocak, however, does teach from a client electronic device specifying a registration at said server; (pg. 5, ln. 15 to pg. 6, ln. 24; LWM2M client registers with LWM2M server that manages it. It does so by communicating with a LWM2M bootstrap server which manages the initial configuration parameters. The boostrap server is a configuration server and the LWM2M server is a specified server. Pg. 7, ln. 29 to pg. 8, ln. 12; when LWM2M needs to register with server, it needs to be boostrapped by the bootstrap server.)
and creation or retrieval of a client provisioning configuration (Examiner asserts this is nonfunctional descriptive material not subject to patentable weight. Regardless, Examiner cites pg. 8, lns. 13-31; to avoid requiring the client to handshake with another server, the boostrap server negotiates on behalf of the client. pg. 10, lns. 13-30; bootstrap server transfer session ticket and key to client, which is a provisioning configuration. See also Rescorla, pg. 12 and 4.1.1; server selects from items supported by the server and items identified in the client hello that the client supports.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Rescorla with the sending of a configuration server so that the server can boostrap the initial setup of the client device. (Ocak, pg. 6, ln. 31 to pg. 7, ln. 3) 

With respect to Claim 20, it is substantially similar to Claim 1 and is rejected in the same manner, the same art and reasoning applying. Further, Ocak also teaches a non-transitory data carrier carrying computer readable code (pg. 2, lns. 24-27. See also fig. 7, pg. 16, ln. 19 to pg. 17, ln. 2; processor, CDROM, DVD)
The same motivation to combine as Claim 1 applies here.

With respect to Claim 22, it is substantially similar to Claim 1 and is rejected in the same manner, the same art and reasoning applying. Further, Ocak also teaches a non-transitory data carrier carrying code which, when implemented on a processor, causes the processor to. (fig. 7, pg. 16, ln. 19 to pg. 17, ln. 2; processor, CDROM, DVD)
The same motivation to combine as Claim 1 applies here.


Claims 9-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Rescorla (Rescorla, E., RFC 8446, “The Transport Layer Security (TLS) Protocol Version 1.3”, Internet Engineering Task Force, August 2018) in view of Ocak (WO 2017/131564 A1), and further in view of Link (US Pub. 2017/0272945).
With respect to Claim 9, modified Rescorla teaches the machine-implemented method of claim 1, but does not explicitly teach perfect forward secrecy.
Link, however, does teach  said receiving, from the client electronic device, said first enumeration of client features supported comprising receiving an enumeration of perfect forward security features supported. (Enumeration of features was previously taught. Paras. 17, 52, 64, 102-103; perfect forward secrecy set during handshake)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of modified Rescorla with the perfect forward secrecy to secure communications against theft. (Link, para. 52)

With respect to Claim 10, modified Rescorla teaches the machine-implemented method of claim 1, but does not explicitly teach perfect forward secrecy.
Link, however, does teach said retrieving, from the specified server, said second enumeration of server features supported comprising retrieving an enumeration of perfect forward security features supported. (Enumeration of features was previously taught. Paras. 17, 52, 64, 102-103; perfect forward secrecy set during handshake)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of modified Rescorla with the perfect forward secrecy to secure communications against theft. (Link, para. 52)


Remarks
Applicant amends Claim 2 into Claim 1 and argues amended Claim 1 is nonobvious. Applicant points only to pg. 10, lines 1-20 of Ocak and argues that “the client’s identity of Ocak cannot reasonably be considered to be a stored client provisioning configuration.”
Applicant’s argument is unpersuasive because it is a piecemeal attack on the rejection. Examiner cited Ocak, pg. 8, lns. 13-31 and pg. 10, lns. 13-30 as well as Rescorla, pg. 12 and 4.1.1 to teach creating the client provisioning configuration. Applicant does not appear to dispute these citations. Examiner cited Ocak, pg. 10, lns. 1-7 in previous Claim 2, just as Examiner did to previous Claim 1, to motivate the storing of the configuration.
In other words, Examiner agrees that “Ocak never detects a stored client provisioning configuration for a client” but that does not mean it is not obvious over the combination. Applicant apparently does not dispute the other branch of the method – that when there is no configuration Rescorla and Ocak teach receiving enumerations of supported features, determining common features, and using the features to broker a connection. Given that the device performs this work, it would have been obvious to save the results of the work so that the work need not be done again. As Ocak, page 10 points out, having the information in advance (i.e. previously stored) allows for efficiencies in the communication process. Applicant appears to expressly acknowledge the benefit as well – “The bootstrap server knowing the client’s identity simply eliminates the need for the bootstrap server to conduct a round-trip communication with the client before obtaining the SessionTicket.” (Remarks, pg. 8) But similarly, the bootstrap server saving the matching features of the two devices allows the bootstrap server to avoid (1) requesting the second enumeration of features from the server again and (2) performing the comparison again.
Applicant argues that “asserting that the skilled person would somehow be able to adapt the above teaching of Ocak to remedy the deficiencies of Rescorla is, at best, an application of hindsight.” To the extent that this is an argument against the obviousness finding that storage of the configuration data is nonobvious even when the generation of the data is obvious, Examiner simply disagrees. Storage of information here is being used for its conventional purpose – to avoid duplication of work. Applicant does not dispute the generation of the information, does not dispute that storage was known to the art (which would clearly be an unreasonable assertion anyway) and acknowledges that the prior art teaches a benefit to storage of similar information. That is not hindsight, that is application of known techniques for conventional benefits.
Rescorla can detect whether there is a first time negotiation or a renegotiation and recording hellos and duplicates, which suggests the ability to determine if a first device has communicated with a second device before, and therefore whether there is a stored client provisioning configuration or not. The combination teaches gathering the enumeration of features and determining matches to generating the configuration. The storing of that information is obvious over the combined teachings of the references.
Examiner further points out that Claim 1 is a method claim, and Claim 2’s subject matter constitutes a different conditional branch of the method. Therefore, even if Applicant’s argument were correct that Claim 2 was not taught, Claim 1 would still be obvious because the method could be infringed purely by going down the “no stored configuration” branch of the method. Similarly, Claims 18-19 are method steps that are not similarly situated to Claim 1, which involves the entire system. Claims 18-19 are replete with intended use limitations. For example, Claim 19 is infringed by creating and sending an enumeration of supported features following receipt of a message indicating a client device specifying registration. Claim 19 does not require client features, does not require a comparison, does not require the generation of a provisioning configuration and does not require the storage of a provisioning configuration. Claim 19 bears almost no comparison in scope to Claim 1, where all of the allegedly nonobvious features are claimed. Applicant does not dispute that the server sends an enumeration of features, and therefore does not dispute Claim 19.
All claims remain rejected.



Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS P CELANI whose telephone number is (571)272-1205.  The examiner can normally be reached on M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on 571-272-7304.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/NICHOLAS P CELANI/Examiner, Art Unit 2449