DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-21 are pending.

Allowable Subject Matter
2.	Claims 8 and 15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
	Examiner notes limitations recited in claims 8 and 15 should be incorporated into all independent claims to expedite prosecution.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
3.	Claims 1-21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. 10,965,652 (previously referred as 16/206,434). Although the claims at issue are not identical, they are not patentably distinct from each other because the claimed invention of the current application ‘846 discloses similar limitations as that to the claimed invention of ‘652. The current claims of ‘846, decrypts with two keys for the one payload information item, versus claims of ‘652, decrypts multiple payload items with respective different keys.  The claimed invention of ‘652 is indeed narrower comprising more limitations than the current claimed invention ‘846.  Thus, it would have been obvious for a person of ordinary skills in the art the claims of 1-21 of ‘846 is a broader variation to claims 1-21 of ‘652.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

Response to Arguments
4.	Applicant's arguments filed 7/8/22 have been fully considered but they are not persuasive.
In response to the argument (pg.9), regarding the double patenting:
The current application ‘846 includes similar limitations to that of patent ‘652 where similarities can be seen if the limitations are put side by side. This would show there the ‘846 broadly claims encryption to one payload item whereas ‘652 claims including the multiple encryptions to multiple payload items. Thus, it would have been obvious for a person of ordinary skill in the art the ‘846 is a broader variation to ‘652 because ‘652 has the capacity to perform multiple encryptions on multiple payload items.

In response to the argument (pg.10), regarding the second key:
Applicant’s argument appears to be directed toward the following limitation:
“obtaining an encrypted payload information item by encrypting said payload information item to obtain an intermediate encrypted payload information item such that it is decryptable by use of a first decryption key and by encrypting said intermediate encrypted payload information item such that it is decryptable by use of a second decryption key”
The above limitation broadly suggest the intermediate encrypted payload information may be decryptable by a first decryption key and the said intermediate encrypted payload information may also be decryptable by a second decryption key. As such, the encryption occurs two times to the same payload information item (encrypted payload information item), thus, the twice encrypted payload item (2X encryption) may be decryptable two times as well. By being decryptable with either one decryption key or second decryption key broadly suggest the ability to decrypt encrypted data per se. That being decryptable with a decryption key suggests the encrypted payload item has not yet decrypted or that there is a determinative end result in the decryption of the encrypted payload item nor decryption to the encryption of the encrypted payload item.
Accordingly, the Cheng reference where Applicant concurs the payload information item is twice encrypted. Therefore, Cheng reads on limitations “an intermediate encrypted payload information item such that it is decryptable by use of a first decryption key” and “encrypting said intermediate encrypted payload information item such that it is decryptable by use of a second decryption key”, as Cheng teaches the payload item is involved in two encryptions; encrypting intermediate payload item and re-encrypts the intermediate payload information item where both of the involved encryptions may be decryptable.
In response to the argument (pg.10-11), regarding the re-encryption:
Cheng discusses in multiple paragraphs which leads to a trail of the SIP 200OK message, showing there are multiple encryption without decryption to the same intermediate payload information item (or DPK). For example, Cheng discloses the server could then encrypt ("wrap") these server-generated keys using the KS_NAF key information (or a key derived from KS_NAF) and send them to the application clients, for example, either in the first SIP 200 OK message or attached to the protected data. By using per-target DPKs instead of per-watcher DPKs, there is no need to re-encrypt the same protected data for different watchers, i.e., the application server can encrypt the sensitive data once and distributes it to several watchers [Cheng: para 0049]. Next, the discussion of the application server 31 then verifies the received public key C_PK, e.g., by using PKI 48, and replies with a SIP 200 OK message 90. The SIP 200 OK message 90 can contain the application server 31's public key or its certificate, whose public key is denoted here as S_PK, and is forwarded on to the application client 20 via SIP/IP core 32, 34 and message 92 [Cheng: para 0050]. The third step involves the application client 20 verifies S_PK, e.g., using PKI 48. When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key, denoted here as S_SK, as shown in block 94. For confidentiality protection, encryption of the SIP payload can be performed using one key. For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client 20. Message authentication mechanisms (e.g., keyed hash) can then be applied for integrity protection. This protected SIP payload is forwarded on to the application client 20 from the SIP/IP core 32, 34 via SIP NOTIFY message 98. The application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message [Cheng: para 0051]. As such, Cheng disclose the DPK being encrypted following other encryptions which showed the encryption of encrypted payload item and multiple decryptions and decryption keys. Hence, Cheng reads on the invention as claimed.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

5.	Claim(s) 1-7, 9-14, and 16-21 is/are rejected under 35 U.S.C. 102a as being anticipated by Cheng, et al. [US 20110131414].
As per claim 1:	Cheng, et al. teaches a method performed by an apparatus, said method comprising: 
obtaining a payload information item that is to be communicated to at least one recipient, [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key] 
obtaining an encrypted payload information item [Cheng: 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload] by encrypting said payload information item to obtain an intermediate encrypted payload information item such that it is decryptable by use of a first decryption key [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client] and by encrypting said intermediate encrypted payload information item such that it is decryptable by use of a second decryption key, and [Cheng: 0011, 0057-0058; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “by encrypting said intermediate encrypted payload information item…a second decryption key”). Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys]
sending or triggering sending a message containing said encrypted payload information item to said recipient. [Cheng: 0051, 0057] 
As per claim 2:  See Cheng: 0011, 0057; discussing the method according to claim 1, wherein said encrypted payload information item is obtained by encrypting said payload information item in at least two subsequent encrypting steps.
As per claim 3:  	Cheng, et al. teaches a method performed by an apparatus, said method comprising:
obtaining a payload information item that is to be communicated to at least one recipient, [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key] 
obtaining an encrypted payload information item [Cheng: 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload] by encrypting said payload information item such that it is decryptable by use of a first decryption key and a second decryption key, [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client. Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys]
sending or triggering sending a message containing said encrypted payload information item to said recipient; [Cheng: 0051, 0057] 
wherein said encrypted payload information item is obtained by encrypting said payload information item in at least two subsequent encrypting steps: and[Cheng: 0011]
wherein said obtaining said encrypted payload information item comprises:
obtaining, in a first encrypting step of said at least two subsequent encrypting steps, an intermediate encrypted payload information item by encrypting said payload information item such that it is decryptable by use of said first decryption, and obtaining, in a second encrypting step of said at least two subsequent encrypting steps, said encrypted payload information item by encrypting said intermediate encrypted payload information item such that it is decryptable by use of said second decryption. [Cheng: 0057-0058; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “intermediate encrypted payload information item…decryptable…a second decryption”). Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys]
As per claim 4:  See Cheng: 0045, 0050; discussing the method according to claim 1, wherein said encrypted payload information item is encrypted and/or decryptable by use of at least one asymmetric cryptography algorithm, at least one symmetric cryptography algorithm or a combination thereof.
As per claim 5:  See Cheng: 0057; discussing the method according to claim 1, wherein one of said first decryption key and said second decryption key is associated with and/or accessible to said recipient, and wherein access to the other one of said first decryption key and said second decryption key is controlled by said apparatus performing said method.
As per claim 6:  See Cheng: 0011-0012; discussing the method according to claim 1, said method further comprising: receiving a request for one of said first decryption key and said second decryption key from said recipient, sending or triggering sending said requested one of said first decryption key and said second decryption key to said recipient in response to said request.
As per claim 7:  See Cheng: 0011-0012, 0051; discussing the method according to claim 6, said method further comprising: determining whether said recipient is allowed to access said encrypted payload information item, wherein said requested one of said first decryption key and said second decryption key is only sent or triggered to be sent to said recipient in response to said request, if it is determined that said recipient is allowed to access said encrypted payload information item.
As per claim 8:  See Cheng: 0046-0049 [communication located in various domains, encryption of SIP payload, message authentication mechanisms, and receiving sensitive data during period of time]; discussing the method according to claim 7, wherein said determining whether said recipient is allowed to access said payload information item is at least partially based on an authentication information item contained in said request for authenticating said recipient, an identification information item contained in said request for identifying said recipient, a validity time of said payload information item, a validity time of said requested one of said first decryption key and said second decryption key, a geographical validity of said one of said first decryption key and said second decryption key or a combination thereof.
As per claim 9:  See Cheng: 0051; discussing the method according to claim 1, wherein said message containing said encrypted payload information item further contains at least one of: a signature information item, a recipient information item, a key information item, an encryption information item, and a message policy information item.
As per claim 10:	Cheng, et al. teaches an apparatus, said apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause said apparatus at least to perform: 
obtaining a payload information item that is to be communicated to at least one recipient, [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key] 
obtaining an encrypted payload information item [Cheng: 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload] by encrypting said payload information item in its entirety by a first encryption key [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client] and then by a second encryption key such that it is decryptable by use of a first decryption key and a second decryption key, [Cheng: 0011, 0057-0058; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “by encrypting said intermediate encrypted payload information item…a second decryption key”). Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys]
sending or triggering sending a message containing said encrypted payload information item to said recipient. [Cheng: 0051, 0057] 
As per claim 11:  See Cheng: 0057; discussing the apparatus according to claim 10, wherein said encrypted payload information item is obtained by encrypting said payload information item in at least two subsequent encrypting steps.
As per claim 12:  See Cheng: 0011, 0057; discussing the apparatus according to claim 11, wherein said obtaining said encrypted payload information item comprises: obtaining, in a first encrypting step of said at least two subsequent encrypting steps, an intermediate encrypted payload information item by encrypting said payload information item such that it is decryptable by use of said first decryption, and obtaining, in a second encrypting step of said at least two subsequent encrypting steps, said encrypted payload information item by encrypting said intermediate encrypted payload information item such that it is decryptable by use of said second decryption.
As per claim 13:  See Cheng: 0011-0012; discussing the apparatus according to claim 10, wherein said at least one memory and said computer program code are further configured to, with the at least one processor, cause said apparatus at least to perform: receiving a request for one of said first decryption key and said second decryption key from said recipient, sending or triggering sending said requested one of said first decryption key and said second decryption key to said recipient in response to said request.
As per claim 14:  See Cheng: 0011-0012, 0051; discussing the apparatus according to claim 13, wherein said at least one memory and said computer program code are further configured to, with the at least one processor, cause said apparatus at least to perform: determining whether said recipient is allowed to access said encrypted payload information item, wherein said requested one of said first decryption key and said second decryption key is only sent or triggered to be sent to said recipient in response to said request, if it is determined that said recipient is allowed to access said encrypted payload information item.
As per claim 15:  See Cheng: 0046-0049 [communication located in various domains, encryption of SIP payload, message authentication mechanisms, and receiving sensitive data during period of time]; discussing the apparatus according to claim 14, wherein said determining whether said recipient is allowed to access said payload information item is at least partially based on an authentication information item contained in said request for authenticating said recipient, an identification information item contained in said request for identifying said recipient, a validity time of said payload information item, a validity time of said requested one of said first decryption key and said second decryption key, a geographical validity of said one of said first decryption key and said second decryption key or a combination thereof.
As per claim 16:	Cheng, et al. teaches a method performed by an apparatus, said method comprising: 
receiving a message containing an encrypted payload information item [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “encrypted payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key. See also 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload] that is decryptable by use of a first decryption key and a second decryption key, obtaining and/or holding available said first decryption key and said second decryption key [Cheng: 0011], 
decrypting said encrypted payload information item by use of said first decryption key decrypting said encrypted payload information item [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client] by use of said first decryption key on an entire said encrypted payload information item to obtain an intermediate encrypted payload information item and said second decryption key on said intermediate encrypted payload information item. [Cheng: 0011, 0057-0058; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “by encrypting said intermediate encrypted payload information item…a second decryption key”) . Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys] 
As per claim 17:  See Cheng: 0011-0012; discussing the method according to claim 11, wherein one of said first decryption key and said second decryption key is obtained by: sending or triggering sending a request for said one of said first decryption key and said second decryption key to a sender of said message containing said encrypted payload information item, and receiving said requested one of said first decryption key and said second decryption key from said sender in response to said request. 
As per claim 18:	Cheng, et al. teaches an apparatus, said apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause said apparatus at least to perform: 
receiving a message containing an encrypted payload information item [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “encrypted payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key. See also 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload]  that is decryptable by use of a first decryption key and a second decryption key, [Cheng: 0011, 0057]
obtaining and/or holding available said first decryption key and said second decryption key, [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client]
decrypting said encrypted payload information item by use of said first decryption key on an entirety of said encrypted payload information item to obtain an intermediate encrypted payload information item and said second decryption key on an entirety of said intermediate encrypted payload information item. [Cheng: 0011, 0057; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “by encrypting said intermediate encrypted payload information item…a second decryption key”). Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys] 
As per claim 19:  See Cheng: 0011-0012; discussing the apparatus according to claim 18, wherein one of said first decryption key and said second decryption key is obtained by: sending or triggering sending a request for said one of said first decryption key and said second decryption key to a sender of said message containing said encrypted payload information item, and receiving said requested one of said first decryption key and said second decryption key from said sender in response to said request.
As per claim 20:	Cheng, et al. teaches teach a computer readable storage medium having stored thereon computer program code, said computer program code when executed by a processor causing an apparatus to perform: 
obtaining a payload information item that is to be communicated to at least one recipient, [Cheng: 0011; a client application located in a second SIP/IP domain includes an interface for receiving a first SIP message directed to the client application, the message including an encrypted SIP payload protection key. The “encrypted payload information item” can be given the broadest reasonable interpretation as data in or associated to the payload, which also broadly include the payload or message payload per se. As such, according to Cheng, the “payload information item” may be a key such as SIP payload protection key. See also 0052-0053; application client 20 uses the DPK(s) to retrieve the received SIP payload data. FIG. 3 shows the protection keys being sent together with the first protected SIP payload]
obtaining an encrypted payload information item by encrypting said payload information item in its entirety by a first encryption key [Cheng: 0051; When the target SIP application server 31 has some sensitive data to send to the application client 20, it generates DPK(s) and protects the data with the DPK(s). The target SIP application server 31 also encrypts the DPK(s) with the application client 20's public key C_PK and signs the result with its private key. Application client 20 verifies the target SIP application server 20's signature and recovers the DPK(s) by using its own private key first to decrypt the key portion of the received SIP message (reads on the limitation “decryptable by…first decryption key”). For integrity protection, the target SIP application server 31 should generate another key, and also send a protected copy of that key to the application client] to obtain an intermediate encrypted payload information item, and then by encrypting said intermediate encrypted payload information item in its entirety by a second encryption key such that said encrypted payload information item is decryptable by use of a first decryption key and a second decryption key, [Cheng: 0011, 0057-0058; SIP payload data, protected using PKI techniques are forwarded on to IS via messages (FIG. 4). Upon receipt, the IS verifies the target SIP application server's signature, and then decrypts the received DPK(s) with its private key IS_SK (reads on the limitation “decryptable by…first decryption key”). The IS re-encrypts the DPK(s) using KS_NAF key information and forwards the encrypted data, together with the re-encrypted DPK, to the application client (reads on “by encrypting said intermediate encrypted payload information item…a second decryption key”). Also refer to 0049-0051; showing encryption to the DPK, re-encryption and then encryption to that re-encrypted DPK and multiple decryptions with decryption keys]
sending or triggering sending a message containing said encrypted payload information item to said recipient. [Cheng: 0051, 0057] 
As per claim 21:  See Cheng: 0067; discussing the system, said system comprising: at least one apparatus according to claim 10, and at least one apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause said apparatus at least to perform: receiving a message containing an encrypted payload information item that is decryptable by use of a first decryption key and a second decryption key, obtaining and/or holding available said first decryption key and said second decryption key, decrypting said encrypted payload information item by use of said first decryption key on an entirety of said encrypted payload information item to obtain an intermediate encrypted payload information item and by use of said second decryption key on an entirety of said intermediate encrypted payload information item. [Cheng: 0011, 0057]

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LEYNNA TRUVAN whose telephone number is (571)272-3851. The examiner can normally be reached Monday-Friday 8:00AM-5:00PM, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

LEYNNA TRUVAN
Examiner
Art Unit 2435



/L.TT/Examiner, Art Unit 2435

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435