DETAILED ACTION
	
Introduction
Claims 1-20 are pending. No claims are amended, added, or cancelled. This Office action is in response to Applicant’s request for reconsideration after non-final rejection filed on 4/18/2022. 

Allowable Subject Matter
Claims 10 and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Response to Arguments
Applicant’s arguments are discussed below.
Rejection of claims 1-20 under 35 U.S.C. 112(b)
Examiner withdraws the 35 U.S.C. 112(b) rejection of claims 1-20 for the reasons provided by Applicant.
Rejection of claims 1 and 13 under 35 U.S.C. 102
Applicant argues that Cloudflare does not teach the limitation “sending, to the first computing device, the network address, the modified version of the identifier, and an indication of the modified version of the identifier, wherein the indication of the modified version of the identifier is configured to facilitate a secure request for the service by the first computing device.” In support of this argument, Applicant further argues that Cloudflare does not teach this feature because “the client hello message is sent before the client and server have negotiated TLS encryption keys, the ESNI encryption key must be communicated another way.” However, this argument is irrelevant, as claim 1 is silent as to how precisely the first computing device securely requests the service from a server. Instead, claim 1 broadly recites that the indication of the modified identifier is somehow “configured to facilitate a secure request for the service,” whatever that means.  
Applicant also argues that “Cloudflare is totally silent with respect to teaching an FQDN or a NAME resource field of a DNS reply.” However, Examiner respectfully disagrees. Cloudflare teaches that the client initiates a DNS query to a DNS server when a user of the client enters a logical address into a browser. For instance, page 4 states that “[w]hen Alice types https://www.bobisawesome.example.com into her laptop’s browser, her laptop… sends a query to a DNS server to find out the website’s IP address….” This DNS query is understood to include the string https://www.bobisawesome.example.com (i.e., an FQDN). In addition, the reply issued by the DNS server is understood to adhere to RFC 1035, which discloses a DNS reply containing a resolved IP address and the FQDN included in the DNS query. See section 4. Moreover, Cloudflare teaches that the DNS reply may be encrypted using either DNS over HTTPS or DNS over TLS. See pg. 5. The encrypting of the DNS reply causes the FQDN in the DNS reply to become an encrypted (i.e., modified) FQDN. 
Applicant also argues that the overhead information used to decrypt the DNS reply is not equivalent to the claimed “indication of a modified identifier” because it allegedly does not indicate to the receiving device that the underlying identifier is a modified version of the identifier.” However, Examiner respectfully disagrees. The overhead information indicates that the FQDN and the other contents of the DNS reply are encrypted, and therefore serves to indicate that the FQDN included in the DNS reply is a modified FQDN rather than a cleartext FQDN.  
Rejection of claim 18 under 35 U.S.C. 102
Applicant argues that the rejection of claim 18 must be withdrawn for the reasons Applicant provides with respect to claim 1. However, Examiner respectfully disagrees. Claim 18 is substantially different from claims 1 and 13, and therefore must be separately addressed. For instance, claims 1 and 13 are directed primarily to an interaction between a client and a DNS server, whereas claim 18 is primarily directed to an interaction between a client and a web server. In fact, claim 18 is so broad that it encompasses any DNS method, even a conventional DNS method. Therefore, Applicant cannot rely on arguments directed to claim 1 in order to overcome the rejections of claim 18.

Claim Rejections: 35 U.S.C. 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-9, 11-16, and 18-20 are rejected under 35 U.S.C. 102(a)(1) because they are anticipated by the non-patent literature titled “What is Encrypted SNI? How ESNI Works” (hereinafter, “Cloudflare”). 
Regarding claim 1, Cloudflare teaches a method comprising: receiving, from a first computing device, a request for a network address associated with a service of a second computing device, wherein the request comprises an identifier of the second computing device (A DNS server receives from a client a DNS query for a network address of a website hosted by a web server. The request contains a fully qualified domain name (FQDN) associated with the web server. See pg. 4); determining, based on the identifier, the network address and a modified version of the identifier (The DNS server resolves the FQDN to an IP address of the web server. See pg. 4. The DNS server generates a DNS reply that includes the IP address and the FQDN in a resource record (RR). See RFC 1035, section 4. The DNS reply may be encrypted using a secure protocol (i.e., DNS over TLS or DNS over HTTPS) which causes the FQDN included in the DNS reply to become an encrypted (i.e., modified) FQDN. See pg. 5); and sending, to the first computing device, the network address, the modified version of the identifier, and an indication of the modified version of the identifier (The DNS server sends to the client the encrypted DNS reply containing the IP address and the encrypted FQDN. The TLS or HTTPS message carrying the encrypted DNS reply includes header information indicating the encrypted DNS reply. Such header information may be considered an indication of the encrypted FQDN), wherein the indication of the modified version of the identifier is configured to facilitate a secure request for the service by the first computing device (The client extracts the DNS reply from the TLS or HTTP message, and subsequently establishes a secure connection with the web server using the contents of the DNS reply. See pg. 4). 
Regarding claim 2, Cloudflare teaches wherein the service at least one of comprises a web service or facilitates access to a resource (The websites offer access to resources in the form of web pages. See https://www.techopedia.com/definition/5411/website).
Regarding claim 3, Cloudflare teaches wherein receiving the request for the network address associated with the service comprises a DNS over HTTPS (DoH) server receiving the request for the network address (The DNS request may be encrypted using DNS over TLS  or DNS over HTTPS. See pg. 5).
Regarding claim 4, Cloudflare teaches wherein the first computing device comprises at least one of a client device, a mobile device, a content output device, or a web browser (The device submitting the DNS request is a client. See pg. 3-4).
Regarding claim 5, Cloudflare teaches wherein the request for the network address comprises an encrypted domain name system (DNS) query (The DNS request may be encrypted using DNS over TLS  or DNS over HTTPS. See pg. 5).
Regarding claim 6, Cloudflare teaches wherein receiving the request for the network address comprises receiving the request for the network address via DNS over HTTPS (DoH) (The DNS request may be encrypted using DNS over TLS  or DNS over HTTPS. See pg. 5).
Regarding claim 7, Cloudflare teaches wherein the second computing device comprises a web server (The websites are hosted by a web server. See pg. 3).
Regarding claim 8, Cloudflare does not teach wherein determining the modified version of the identifier is further based on determining that the second computing device is associated with an administrative domain (The DNS server determines that the DNS entry corresponding to the FQDN includes a public key and is therefore associated with an administrative domain. See pg. 4).
Regarding claim 9, Cloudflare teaches wherein the identifier of the second computing device comprises a fully qualified domain name (FQDN), wherein the modified version of the identifier comprises at least one of a hash of the FQDN or an encrypted version of the FQDN (As indicated in the discussion of claim 1, the identifier of the web server in the DNS request is an FQDN and the modified version of the FQDN returned in the DNS reply is an encrypted FQDN).
Regarding claim 11, Cloudflare teaches wherein the secure request for the service comprises an encrypted server name indication (ESNI) request (After receiving the DNS reply, the client sends an ESNI request to the web server that includes the encrypted FQDN in the SNI part of the ESNI request so that the web server may route the client to one of the plurality of websites that it hosts. See pg. 4).
Regarding claim 12, Cloudflare teaches wherein the secure request for the service comprises a Client Hello message, wherein a server name indication (SNI) field of the Client Hello message comprises the modified version of the identifier (The ESNI request is an encrypted client hello message with the encrypted FQDN included in the SNI part of the client hello. See pg. 4).
Regarding claim 13, Cloudflare teaches a method comprising: sending a request for a network address associated with a service of a computing device, wherein the request comprises an identifier of the computing device (A DNS server receives from a client a DNS query for a network address of a website hosted by a web server. The request contains a fully qualified domain name (FQDN) associated with the web server. See pg. 4); receiving, based on the identifier, the network address, a modified version of the identifier, and an indication of the modified version of the identifier (The DNS server resolves the FQDN to an IP address of the web server. See pg. 4. The DNS server generates a DNS reply that includes the IP address and the FQDN in a resource record (RR). See RFC 1035, section 4. The DNS reply may be encrypted using a secure protocol (i.e., DNS over TLS or DNS over HTTPS) which causes the FQDN included in the DNS reply to become an encrypted (i.e., modified) FQDN. See pg. 5. The TLS or HTTPS message carrying the encrypted DNS reply includes header information indicating the encrypted DNS reply. Such header information may be considered an indication of the encrypted FQDN), wherein the indication of the modified version of the identifier is configured to facilitate a secure request for the service (The client extracts the DNS reply from the TLS or HTTP message, and subsequently establishes a secure connection with the web server using the contents of the DNS reply. See pg. 4); and sending, to the computing device based on the network address, the secure request for the service, wherein the secure request comprises the modified version of the identifier (In response to receiving the DNS reply, the client uses the IP address in the DNS reply to send an encrypted client hello message to the web server that contains an encrypted FQDN in the SNI part of the client hello. See pg. 4 The encrypted FQDN is used to route the client to the desired website. See pg. 3).
Regarding claim 14, Cloudflare teaches wherein the service at least one of comprises a web service or facilitates access to a resource (The websites offer access to resources in the form of web pages. See https://www.techopedia.com/definition/5411/website).
Regarding claim 15, Cloudflare teaches wherein sending the request for the network address comprises sending the request for the network address via DNS over HTTPS (DoH) (The DNS request may be encrypted using DNS over TLS  or DNS over HTTPS. See pg. 5).
Regarding claim 16, Cloudflare teaches wherein sending the request for the network address comprises sending the request to a network device (The DNS request is sent to a DNS server. See pg. 4), wherein receiving the modified version of the identifier and the indication of the modified version of the identifier is further based on the network device and the computing device being associated with an administrative domain (The DNS server determines that the DNS entry corresponding to the FQDN includes a public key and is therefore associated with an administrative domain. See pg. 4).
Regarding claim 18, Cloudflare teaches a method comprising: receiving, by a computing device, based on a network address, a secure request for a service (A client sends an encrypted client hello message to a web server using the IP address of the web server. See par. 4), 
wherein the secure request for the service comprises a modified version of an identifier of the computing device (The encrypted client hello includes an encrypted FQDN in the SNI part of the client hello. See pg. 4), wherein the modified version of the identifier is modified based on a request from a user device for the network address (The encrypted FQDN is based on a DNS request submitted by the client to a DNS server. See pg. 4); determining, based on the modified version of the identifier, the service; and causing the service to be sent to the user device (The web server uses the encrypted FQDN to route the client to the desired website. See pg. 3-4).
Regarding claim 19, Cloudflare teaches wherein receiving the secure request for the service comprises receiving an encrypted server name indication (ESNI) request (After receiving the DNS reply, the client sends an ESNI request to the web server that includes the encrypted FQDN as the SNI so that the web server may route the client to one of the plurality of websites that it hosts. See pg. 4).
Regarding claim 20, Cloudflare teaches wherein receiving the secure request for the service comprises receiving a Client Hello message, wherein a server name indication (SNI) field of the Client Hello message comprises the modified version of the identifier (The ESNI request is an encrypted client hello message with the encrypted FQDN included in the SNI part of the client hello. See pg. 4).


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Andrew Georgandellis whose telephone number is 571-270-3991.  The examiner can normally be reached on Monday through Friday, 7:30-5:00 PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tonia Dollinger, can be reached on 571-272-4170.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ANDREW C GEORGANDELLIS/Primary Examiner, Art Unit 2459