Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This is a reply to the application filed on 12/25/2022, in which, claims 1-20 are pending. Claims 1, 13, and 16 are independent.
When making claim amendments, the applicant is encouraged to consider the references in their entireties, including those portions that have not been cited by the examiner and their equivalents as they may most broadly and appropriately apply to any particular anticipated claim amendments.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/29/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 7/4/2022 and 4/18/2022, has been reviewed. The submission fails to comply with 37 CFR 1.98,  which requires for non-English documents that are cited, the following must be provided:  (a) A concise explanation of the relevance, as it is presently understood by the individual designated in 37 CFR 1.56(c) most knowledgeable about the content of the information, unless a complete translation is provided; and/or  (b) A written English language translation of a non-English language document, or portion thereof, if it is within the possession, custody or control of, or is readily available to any individual designated in 37 CFR 1.56(c).

Drawings
The drawings filed on 12/25/2020 are accepted.

Specification
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter.  See 37 CFR 1.75(d)(1) and MPEP § 608.01(o).  Correction of the following is required: In claims 1, 13, and 16: detecting, at the sensor device, encrypted data message information sent from the client device to the server device; in response to determining that the sensor device does not have a decryption key for the encrypted message: detecting, at the sensor device, a client initiated hello message sent from the client device to the server device.


Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1, 13, and 16 and their respective dependent claims are rejected under 35 U.S.C. 112(a) or pre-AIA  35 U.S.C. 112, first paragraph, as based on a disclosure which is not enabling.  The disclosure does not enable one of ordinary skill in the art to practice the invention without undue experimentation, which is/are critical or essential to the practice of the invention but not included in the claim(s). See In re Mayhew, 527 F.2d 1229, 188 USPQ 356 (CCPA 1976). The test for enablement according to 35 U.S.C. 112, first paragraph, is whether the ordinary artisan, based upon the disclosure, would be able to make and use the invention without undue experimentation, and a determination of whether the experimentation required is undue should be conducted in accordance with the Wands factors {In re Wands, 858 F.2d 731,8 USPQ2d 1400 (Fed. Cir. 1988))
Claims 1, 13, and 16 and their respective dependent claims are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, because the specification does not reasonably provide enablement for “detecting, at the sensor device, encrypted data message information sent from the client device to the server device; in response to determining that the sensor device does not have a decryption key for the encrypted message: detecting, at the sensor device, a client initiated hello message sent from the client device to the server device”.  The specification does not enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the invention commensurate in scope with these claims. Claims are not fully supported if their subject matter is different to the subject matter of the description and the scope of the claims must not be broader than is justified by the description and they must be enabled by the description across their entire scope. However, there are well founded reasons to suppose that the invention cannot be worked through the whole of the field claimed by routine methods of experimentation or analysis. In particular, claims recite "detecting, at the sensor device, encrypted data message information sent from the client device to the server device; in response to determining that the sensor device does not have a decryption key for the encrypted message: detecting, at the sensor device, a client initiated hello message sent from the client device to the server device" (emphasis added). However, this is inconsistent with what is described in the applicant's description which only describes sensor intercepts the client SSL handshake protocol starting at time T0 before the data encryption/decryption key is even generated by the protocol (see Applicant’s disclosure Fig. 6 and ¶77):
[0077]    FIG. 6 illustrates a timeline 600 of message and information flow between a client, sensor (e.g., NSP), and web server, according to one or more disclosed embodiments. This is just one example timeline sequence that may occur. In a real-world implementation, variations on this timeline are expected and still conform to the concepts of this disclosure. Further, a single implementation of an NSP (e.g., sensor) and SSLKeyServer (e.g., web server) may support many different variations of this timeline based on activities initiated by different client devices (e.g., processors executing a web browser, or web services client application). Time line 700 illustrates time beginning at time TO at the top with events progressing in temporal order as you go down the page. Information exchange is shown left to right and right to left. Time line 700 illustrates an example interchange between client and server, via a sensor (NSP) as already discussed above and is provided here to further illustrate (e.g., pictorially) the above discussions. In this example, beginning at time TO, a client initiates a connection request with a Client Hello 605. The Sensor copies the client random 610 for later use and sends the client hello 615 on to the server. The server responds with server hello 620, via the sensor (in part because that is who sent the server the message), to the client. While passing through the sensor a copy 625 of the server random from server hello 630 is made for future use. Next the Server certificate 635 and server hello done are sent to the client (now at T1). These messages may be sent directly, or may simply pass through the sensor, depending on the implementation. Next, the client may send a client key exchange (e.g., an encrypted Private Master Secret (PMS)) to the server. This may happen at the initial handshake that establishes a session or at any time a key is changed. As shown in this example, three messages (Client Key Exchange, ChangeCipherSpec 640, and Finished) are sent from the client to the server. The server acknowledges the three messages with a ChangeCiperSpec response 645 at time T2. Next, the server sends 650 the shared key (including the current client random (CR) and server random (SR)), via the sensor which makes a copy 655, to the client. This act may represent the SSLAGENT 151 library having intercepted information, as discussed above, and providing it to the sensor. Because the information has just previously been sent to the client it is the sensor that needs this possibly and likely changed information to remain able to decrypt communications for this session. Once the ChangeCipherSpec exchange is completed as indicated by the Finished communication from the server to the client, time progresses to T3 where encrypted data 660 may flow on the session from the client to the web server. As each message of potentially encrypted data is received at the sensor, a key lookup 665, decryption 670 and inspection 675, may be performed prior to passing the (original) encrypted data 680 to the web server. (Emphasis added)

As Applicant’s disclosure plainly states, the data encryption/decryption begins at time T3 after SSL protocol has finished and after the handshake hello message has been initiated and completed at time T0 to time T1. Note the disclosure is explicit about the temporal order of the protocol. Note further the disclosure explicitly shows the sensor starts intercepting the SSL session set up at time T0 and not in response to encrypted data flowing between the client and the server.     
The recited limitation is technically infeasible as is known to skilled artisans in the pertinent art and the claimed invention cannot be worked through the whole of the field claimed by routine methods of experimentation or analysis. Dependent claims are rejected for reciting the aforementioned deficiency of their respective parent claims. Note further, Applicant’s disclosure specifies well-known and commonly used session protocols TLS/SSL (Applicant’s disclosure: Fig. 6 and associated paragraphs). Encrypted data flows in TLS/SSL protocol sessions after the handshake protocol and key exchange is completed as shown in Applicant’s Fig. 6.    
With respect to the Wands factors, Examiner finds that:
(A) The breadth of the claims: The claims are ambiguous in comparison to the actual steps the ordinary artisan would have to undertake to set up a TLS/SSL session and the disclosure does not provide any guidance as to how well-known and commonly used TLS/SSL session would break the temporal order of starting the handshake sequence after encrypted data is already flowing between a client and a server. In fact, Applicant’s own disclosure does not support the recited limitation.
(B) The nature of the invention: The temporal sequence of establishing of establishing TSL/SSL protocol is well-known and TSL/SSL are commonly used technique to create secure sessions between entities. However, the claim is reciting a temporal sequence not supported by Applicant’s disclosure and not technically feasible as is known in the art.   
(C) The state of the prior art: TLS/SSL protocols are well-known in the art and were developed in 1994 at the inception of the internet. The protocol is widely in use and the sequence of a creating a TLS/SSL session is well known and tested as is depicted in Applicant’s disclosure Fig. 6.    
(D) The level of one of ordinary skill: The skill of the ordinary artisan for communication protocols is fairly high, with the ordinary artisan holding at least a 4 years degree in computer science, computer engineering, network security, or similar. 
(E) The level of predictability in the art: With regard to TLS/SSL, it is a well-known and well-understood area and there is a high predictability.
(F) The amount of direction provided by the inventor: Minimal, if any, direction is provided by the inventor. As indicated above, no direction is given with regards to how a handshake protocol is detected at time T0 after encrypted data starts flowing at time T3 as shown in Fig. 6 of Applicant’s disclosure.
(G) The existence of working examples: A working example appears to exist inasmuch as Detailed Description of Applicant’s disclosure describes a sensor intercepting TLS/SSL session creation starting at time T0 (Fig. 6 ¶77). However, the recited limitation is inconsistent with the algorithm in the disclosure and what is known in the art. The inconsistency in the recited limitation and Applicant’s disclosure does not provide any clarifying guidance to make/use the claimed invention.
(H) The quantity of experimentation needed to make or use the invention based on the content of the disclosure. Significant experimentation would be required on the part of the ordinary artisan to change the temporal order (“detecting, at the sensor device, encrypted data message information sent from the client device to the server device; in response to determining that the sensor device does not have a decryption key for the encrypted message: detecting, at the sensor device, a client initiated hello message sent from the client device to the server device”) of setting up TSL/SSL protocol, as neither the prior art nor the present specification provides much guidance on how an ordinary artisan can modify the protocols.
Considered altogether, the evidence weighs heavily on the side of undue experimentation being required. Accordingly, the claims fail to meet the enablement requirement of 35 U.S.C. 112, first paragraph.
Dependent claims are rejected for incorporating the deficiency of claims 1, 13, and 16 respectively

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1, 13, 16 and their respective dependent claims are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claims recite: in response to determining that the sensor device does not have a decryption key for the encrypted message: detecting, at the sensor device, a client initiated hello message sent from the client device to the server device. There is no support for limitations in the sequence recited in Applicant’s disclosure as originally filed. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SYED A ZAIDI/Primary Examiner, Art Unit 2432