DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This written action is responding to the amendment dated on July 20, 2022.
Claims 1-7, 11-13 and 17-21 are allowed.

Priority
This application filed on December 15, 2020 claims priority of foreign application FR1914486 filed on December 16, 2019.
Examiner’s Note
Examiner contacted applicant’s representative Mr. Joseph J. Mayo (Reg. # 53,288) and explained that Claim 13 invokes 35 U.S.C. 112(f) for the claim limitation, “…wherein said each object being provided with computation means and means for storing in memory a program and sufficient data to execute process comprising…”. “An object provided with computation means and means for storing in memory a program” is interpreted as “an Object manufactured by a Manufacturer”, as described in paragraph 12 of the specification. The object recites sufficient structure.


Allowable Subject Matter
Claims 1-7, 11-13 and 17-21 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance.
Independent Claim 1 is allowable based on the amendment presented on July 20, 2022.
Specifically, the independent Claim 1 now recites limitations as follows:

“A communication method for secure management of keys and identities of an object manufactured by a manufacturer having a manufacturer key pair of a public manufacturer key, and a private manufacturer key or a secret manufacturer key, and a client having a client key comprising a public client key and a secret client key, wherein the secure management is carried out at least partially on a decentralized blockchain database, and wherein the communication method comprises: 
generating, by the manufacturer, of a manufacturing key pair obtained via a key derivation function, the manufacturing key pair being recorded in the object, and composed of a private manufacturing key resulting from derivation of the private manufacturer key with a diversifier, and of a public manufacturing key, complementary to said private manufacturing key, the public manufacturing key resulting from the derivation of the public manufacturer key with the diversifier; 
publication and recording, in the decentralized blockchain database, of a decentralized identifier of the object and of the diversifier used to obtain the public manufacturing key of the object in association;
Page 2 of 15, Appl. No. 17/122,383, Amdt. dated 7/19/2022, Response to Non-Final Office Action of 5/26/2022
and, when the client purchases the object from said manufacturer, the communication method further comprising providing, by the manufacturer of the object, of the decentralized identifier of the object and the public manufacturing key to the client; 
updating the decentralized blockchain database by publication of the public client key and creation of the association, in said decentralized blockchain database, between the decentralized identifier of the object and the diversifier and the public client key:
and, when the object is switched on for first time, the object enrolls itself according to
generation of a utilization key pair auto-enrollment using the manufacturing key pair by publication, by the object, of a public utilization key of the object in an enrollment message, and signing of the enrollment message with the private manufacturing key; and
replacement, in the decentralized blockchain database, of the public manufacturing key associated with the decentralized identifier of the object of with the public utilization key associated with the decentralized identifier of the object”.
The reference by Dittmann et al. (US PGPUB. # US 2021/0158372) discloses, an ownership database 20 shown in FIG. 1, FIG. 3, and FIG. 4. The ownership database 20 stores pairs of object IDs and owner IDs. Such pairs involve associations between the object IDs and person IDs. The object IDs identify respective physical objects, while a respective one of owner IDs identifies a person who currently owns a respective one of the physical objects corresponding to the object IDs. In the database, an object ID typically indexes an owner ID, which implicitly establishes an association between the IDs at stake. This association reflects a relationship (i.e., ownership) between the corresponding person and object. Additional parameters may be stored as well, if necessary. (Fig. 1(20), ¶32). First, the back-end system of a manufacturer 10 of objects assigns UIDs. Physical anchors are affixed to objects 40 and corresponding DFPs are detected, for the back-end system of the manufacturer 10 to pair UIDs and corresponding DFPs (see FIG. 2). Then the back-end system of the manufacturer 10 exports, on the one hand, pairs of UIDs and DFPs to the verification database (anchor backend) 30 and, on the other hand, pairs of UIDs and owner IDs (which initially may be the ID of the manufacturer, or of a retailer, if already known) to the ownership database (registry) 20, during a commissioning process S10. (Fig. 2, ¶74). Commissioning objects means readying the objects for their lifecycle management. The commissioning step can also be regarded as a set of preparatory steps to bring the objects into working condition or market such objects. Typically, batches of numerous, similar objects need be commissioned at the same time by manufacturers. Thus, the commissioning process typically deals with sets of objects.
The commissioning process is preferably performed by a trusted entity, typically the manufacturer 10 or an initial legal owner of the objects, or under control of this owner or the manufacturer, preferably at the manufacturer's site, e.g., by a trusted back-end system at the manufacturer's site. The back-end system will typically involve one or more computerized units such as depicted in FIG. 5. So do the databases 20 and 30. (¶68). During a second process S20, a given seller 61 offers (at step S21) a given one (or several) of the objects for sale, by interacting with an application already installed on her/his device 51. This application contacts the transaction system (marketplace) 35 and communicates (at step S22) the relevant UIDs. The transaction system 35 then interacts (at step S23 and step S24) with the ownership database 20 to verify the current ownership status of the object at issue. Upon the ownership database 20 confirming, the transaction system 35 lists (at step S25) this object for sale, amongst other objects, and contacts (at step S26) the ownership database to subscribe to ownership change events. (Fig. 3(S20, S21), ¶75). Ownership can then be transferred, during a fifth process S50. A corresponding request is initiated at step S51 by the buyer 62, which request is forwarded (at step S52) by the device 52 to the ownership database 20, and from there forwarded (at step S53) to the device 51, in order to obtain (steps S54-S55) approval of the seller 61. Upon receiving (at step S56) an approval instruction from the device 51, the ownership database 20 registers (at step S57) the buyer 62 as a new owner, and accordingly notifies (steps S58-S59) the buyer 62. (Fig. 4(S50), ¶78). The reference further discloses, later on, the buyer 62 that has received a given object to verify whether this object is genuine, by interacting with the verification database 30. 
Then, this buyer 62 may request a transfer of ownership directly at the ownership database 20 (i.e., the request is sent to the ownership database). The ownership database 20 will then forward all necessary data to the seller 61 for her/him to approve the request, such that the ownership database 20 may eventually record the change of ownership, as in embodiments described herein. The same steps can then be repeated as long as necessary to perform further transactions, which makes it possible to securely track ownerships. (¶67). 
The reference by Mugundan et al. (US PGPUB. # US 2020/0293663) discloses, in order to facilitate secure transactions within the secure global registry 110, the initial registration component 120 and/or the device owner component 140 can have security credentials. In some embodiments, the security credentials can include a public/private cryptographic key pair. A variety of cryptographic algorithms may be used, including, but not limited to, Advanced Encryption Standard (AES), Data Encryption Standard (DES), Rivest-Shamir-Adleman (RSA), and Elliptic Curve Cryptography (ECC), among others. For purposes of discussion, the credentials of the entity(ies) performing transactions (e.g., the initial registration component 120 and/or the device owner component 140) within the secure global registry 110 are sometimes referred to herein as “owner credentials”, “owner public key”, and/or “owner private key”. (¶21). The secure global registry 110 is a database with each entry 150 storing information associated with a particular IoT device 130. In some embodiments, the information comprises a DID, current configuration information for the particular IoT device 130 (e.g., endpoint information), reference to current configuration information for the particular IoT device 130 (e.g., associated device identifier foundation (DIF) hub), and/or a device public key associated with the particular IoT device 130. In some embodiments, some or all of the information is encrypted using the device public key. In some embodiments, the entry is signed using owner credentials such as an owner's private key. (¶29). At 310, a globally unique device identifier (DID) is created for an IoT device. At 320, an initial entry in a secure global registry is created using the DID, and, optionally, endpoint information, wherein the secure global registry stores current cloud-based endpoint information for the device.
At 330, the initial entry in the secure global registry entry is signed using an owner private key (e.g., by the initial registration component 120). At 340, the globally unique device identifier (DID) is stored on the IoT device. At 350, bootstrap code (e.g., bootstrap code 160) is stored on the IoT device. (Fig. 3(320, 330, 340), ¶52).
Ross et al. (US PGPUB. # US 2021/0110004) discloses, a combination of digital fingerprint authentication techniques, processes, programs, and hardware that facilitate the assignment, management, and enforcement of rights related to the usage of a physical object and associated digital objects or a digital object itself. An unspoofable, secure linkage is created between a physical key object through its digital fingerprint to one or more digital, physical, or hybrid objects (protected assets), where there need be no other relationship between the key object and the protected assets than the key object digital fingerprint. The digital fingerprint must be unambiguously derived from the key object. It should remain matchable with high confidence even as the key object ages or wears. A rights server or platform qualifies access to a protected asset based on the linked digital fingerprint and manages distribution and usage of the asset according to policies and rights stored in or associated to the digital fingerprint. (Abstract).
Werener et al. (US PGPUB. # US 2021/0091960) discloses, one or more of receiving a signed storage request which comprises a unique identifier of an object, a public key of the object, and a signed security value associated with the object, determining, via code installed on a database node, whether the signed storage request is valid based on a signature of the signed storage request and a signature of the signed security value of the object, and in response to validation of the signed storage request, generating a storage object based on the signed storage request which includes the unique identifier, the public key of the object, and the signed security value, and storing the generated storage object in a database including the database node. (Abstract).
Curtis et al. (US PGPUB. # US 2019/0349346) discloses, a registry apparatus is provided for maintaining a device registry of agent devices for communicating with application providing apparatus. The registry comprises authentication information for uniquely authenticating at least one trusted agent device. In response to an authentication request from an agent device, the authentication information for that device is obtained from the registry, and authentication of the agent device is performed. If the authentication is successful, then application key information is transmitted to at least one of the agent device and the application providing apparatus. (Abstract).
Rolf Lindemann (US PGPUB. # US 2019/0222424) discloses, a method for binding verifiable claims. For example, one embodiment of a system comprises: a client device; an authenticator of the client device to securely store authentication data including one or more verifiable claims received from one or more claim providers, each verifiable claim having attributes associated therewith; and claim/attribute processing logic to generate a first verifiable claim binding for a first verifiable claim issued by the claim provider; wherein the authenticator is to transmit a first signature assertion to a first relying party to authenticate with the first relying party, the first signature assertion including an attribute extension containing data associated with the first verifiable claim binding. (Abstract).
Kumar et al. (US PGPUB. # US 2019/0163912) discloses, a method of building a device historian, across a supply chain of device manufactures and managers, by a plurality of device management services comprising an enrollment service, an update service, a policy service, and an analytics service, a transaction connector, a blockchain broker service participating as a node in a blockchain network, and transaction filters. The method comprises sending, by the plurality of device management services a transaction record over the transaction connector to the blockchain broker service, receiving, by the blockchain broker service, the transaction record, filtering, by the blockchain broker service, information in the transaction record based on the transaction filters, preparing, by the blockchain broker service, a versioned block based on the filtered information from the transaction record, and adding, by the blockchain broker service, the versioned block to the blockchain network. (Abstract).
However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “…publication and recording, in the decentralized blockchain database, of a decentralized identifier of the object and of the diversifier used to obtain the public manufacturing key of the object in association; and, when the client purchases the object from said manufacturer, the communication method further comprising providing, by the manufacturer of the object, of the decentralized identifier of the object and the public manufacturing key to the client; updating the decentralized blockchain database by publication of the public client key and creation of the association, in said decentralized blockchain database, between the decentralized identifier of the object and the diversifier and the public client key: and, when the object is switched on for first time, the object enrolls itself according to: generation of a utilization key pair auto-enrollment using the manufacturing key pair by publication, by the object, of a public utilization key of the object in an enrollment message, and signing of the enrollment message with the private manufacturing key; and replacement, in the decentralized blockchain database, of the public manufacturing key associated with the decentralized identifier of the object of with the public utilization key associated with the decentralized identifier of the object”, in combination with the rest of the limitations recited in the independent claim(s).

None of the previously cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with a previously cited reference, result in a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claim 11 is a system claim of above method claim 1 and Claim 13 is an identity management system claim of above method claim 1, and therefore, they are also allowed.
Claims 2-7 and 17-18 depend on the allowed claim 1, and therefore, they are also allowed.
Claims 12 and 19-21 depend on the allowed claim 11, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498