McAfee, LLC

Patent Trials and Appeals Board

Nov 19, 2020

2019004476 (P.T.A.B. Nov. 19, 2020)

UNITED STATES PATENT AND TRADEMARK OFFICE
UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www.uspto.gov
APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO.
14/581,651 12/23/2014 James Bean 04796-1248 (P78431) 8688
152506 7590 11/19/2020
Patent Capital Group - McAfee, LLC
2816 Lago Vista Lane
Rockwall, TX 75032
EXAMINER
TRAN, ELLEN C
ART UNIT PAPER NUMBER
2433
NOTIFICATION DATE DELIVERY MODE
11/19/2020 ELECTRONIC
Please find below and/or attached an Office communication concerning this application or proceeding.
The time period for reply, if any, is set in the attached communication.
Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the
following e-mail address(es):
Monica_Maluste@mcafee.com
PAIR_152506@patcapgroup.com
eofficeaction@appcoll.com
PTOL-90A (Rev. 04/07)
UNITED STATES PATENT AND TRADEMARK OFFICE
BEFORE THE PATENT TRIAL AND APPEAL BOARD
Ex parte JAMES BEAN, JOEL R. SPURLOCK, CEDRIC COCHIN,
ADITYA KAPOOR, and RAMNATH VENUGOPALAN
Appeal 2019-004476
Application 14/581,651
Technology Center 2400
Before ERIC S. FRAHM, SCOTT B. HOWARD, and
MATTHEW J. McNEILL, Administrative Patent Judges.
HOWARD, Administrative Patent Judge.
DECISION ON APPEAL
STATEMENT OF THE CASE
Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the
Examiner’s decision to reject claims 1, 5–9, 13–17, 21–24, and 26–29. See
Final Act. 1, 2. Claims 2–4, 10–12, 18–20, 25, and 30–32 have been
cancelled. Id. at 2. We have jurisdiction under 35 U.S.C. § 6(b).
We REVERSE.

1 We use the word Appellant to refer to “applicant” as defined in
37 C.F.R. § 1.42. Appellant identifies the real party in interest as McAfee,
LLC. Appeal Br. 2.
Appeal 2019-004476
Application 14/581,651

2
CLAIMED SUBJECT MATTER
The claims are directed to determining the reputation of a digital
certificate. Claim 1, reproduced below, is illustrative of the claimed subject
matter:
1. At least one non-transitory, computer-readable
medium comprising one or more instructions that, when
executed by at least one processor, cause the at least one
processor to perform a method comprising:
identifying a digital certificate associated with data;
classifying the digital certificate as trusted if the digital
certificate is included in an entry in a certificate whitelist, or
classifying the digital certificate as untrusted if the digital
certificate is included in an entry in a certificate blacklist;
determining a certificate authority that created the digital
certificate;
determining a reputation of the certificate authority based
on a determination that the digital certificate is not included in
the certificate whitelist or the certificate blacklist; and
assigning a reputation to the data based at least in part on
the reputation of the certificate authority, wherein the data is
classified as trusted if the certificate authority is included in an
entry in an authority whitelist or the data is classified as
untrusted if the certificate authority is included in an entry in an
authority blacklist.
REFERENCES
The prior art relied upon by the Examiner is:
Name Reference Date
McCorkendale US 7,739,494 B1 June 15, 2010
Rowan US 2006/0015722 A1 Jan. 19, 2006
Pravetz US 2013/0125222 A1 May 16, 2013
Friedrichs US 2014/0165203 A1 June 12, 2014
Appeal 2019-004476
Application 14/581,651

3
REJECTIONS
The Examiner made the following rejections:
Claims Rejected 35 U.S.C. § Reference(s)/Basis
1, 5, 6, 9, 13, 14, 17, 21,
22, 24, 262
103 Rowan, Pravetz
7, 8, 15, 16, 23 103 Rowan, Pravetz,
McCorkendale
27–29 103 Rowan, Pravetz,
Friedrichs
OPINION
Appellant argues the Examiner erred in determining that the
combination of Rowan and Pravetz teaches “determining a reputation of the
certificate authority based on a determination that the digital certificate is not
included in the certificate whitelist or the certificate blacklist,” as recited in
claim 1. See Appeal Br. 8–10 (addressing Rowan), 10–11 (addressing
Pravetz), 12 (addressing the combination); see also Reply Br. 2–8.
Specifically, Appellant argues the cited portions of Rowan “merely
describe checking a certificate issuer against a blacklist or whitelist and also
separately describe certificate details indicating Not Trusted or Trusted.”
Appeal Br. 9. According to Appellant “[t]hese portions of Rowan do not
disclose or suggest determining a reputation of the certificate issuer relative
to the certificate.” Id. Additionally, with regard to the TrustWatch service
described in Rowan, Appellant argues “Rowan merely describes computing
a trust rating for a location based on a series of lists containing known

2 The Examiner also identifies claims 2, 10, 18, and 30–32 as rejected.
Final Act. 4. Because those claims have been cancelled, we treat their
identification as an immaterial typographical error. See Final Act. 2
(identifying cancelled claims); Appeal Br. 14, 16, 18, 21 (same).
Appeal 2019-004476
Application 14/581,651

4
locations and based on whether a certificate can be found.” Id. at 10.
Appellant further argues “the cited portion of Rowan does not disclose or
suggest determining a reputation of whatever certificate authority created the
X.509 certificate.” Id.
Appellant also argues that nothing in Pravetz indicates that “relying
party 140” is a certificate authority. Appeal Br. 11. Specifically, Appellant
argues Pravetz does not disclose or suggest the relying party is the issuer
that created the certificate issued to the relying party. Rather, according to
Appellant, “Pravetz characterizes this issuer as a different entity, such as ‘a
third party vendor or another trusted authority.’” Id. (quoting Pravetz
¶ 105). Appellant further argues that “[t]he cited portion of Pravetz does not
disclose or suggest determining a reputation of the Pravetz relying party
based on a digital certificate not being included in a whitelist or blacklist.”
Id.
Appellant also argues that the combination of Rowan and Pravetz
does not teach the disputed limitation. Appeal Br. 12. According to
Appellant, “[e]ven modifying the Rowan address/location such that
authentication to Pravetz assertion providers is allowed for accessing the
address/location, the combination of Pravetz and Rowan still does not
suggest the Rowan address/location created a digital certificate relative to
which a reputation of the Rowan address/location is allegedly determined.”
Id.3
The Examiner finds Rowan teaches all of the limitations recited in
claim 1 except the disputed limitation discussed above. Final Act. 4–5; see

3 Appellant italicizes the names of the prior art references. The italics have
been omitted in this Decision.
Appeal 2019-004476
Application 14/581,651

5
also Ans. 9. The Examiner further finds Pravetz teaches the disputed
limitation—“a reputation of a relying party (i.e. certificate authority) that is
not included on the white list or black list component 130 may allow
authentication with assertion providers to be used to obtain a positive
reputation (i.e. authentication) in paragraph 123”—and a person having
ordinary skill in the art would have combined the teachings of Rowan and
Pravetz. Id. at 5 (citing Pravetz ¶ 123). The Examiner relies on Pravetz
paragraph 28 to show that the relying party is issued a certificate from an
issuer of certificates. Ans. 10.
During prosecution, claims must be given their broadest reasonable
interpretation while reading claim language in light of the specification as it
would be interpreted by one of ordinary skill in the art. In re Am. Acad. of
Sci. Tech Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004). Under this standard,
we interpret claim terms using “the broadest reasonable meaning of the
words in their ordinary usage as they would be understood by one of
ordinary skill in the art, taking into account whatever enlightenment by way
of definitions or otherwise that may be afforded by the written description
contained in the applicant’s specification.” In re Morris, 127 F.3d 1048,
1054 (Fed. Cir. 1997). Based on the ordinary meaning of the words of the
claims, the disputed limitation requires a two-step process: (1) determining
whether “the digital certificate is not included in the certificate whitelist or
the certificate blacklist” and, (2) if so, “determining a reputation of the
certificate authority.” Appeal Br. 14 (Claims App.); see also Figure 2
(showing the steps).
Although the Examiner relies on Pravetz for the disputed limitation,
the Examiner implies Rowan also teaches that limitation. See Ans. 7–9
Appeal 2019-004476
Application 14/581,651

6
(citing Rowan ¶¶ 16, 52–54). Based on the current record, we are not
persuaded that the cited portions of Rowan show the disputed limitation.
Although Rowan teaches determining the reputation of the certificate
authority—not trusted if issued by a private certification authority or trusted
if issued by a public/ubiquitous certification authority—that is performed as
part of the initial determination, not after determining the certificate is not on
a certificate whitelist or a certificate blacklist. Rowan ¶¶ 52–59.
Similarly, TrustWatch, which is described in Rowan paragraph 79,
does not teach or suggest the disputed limitation. For TrustWatch, first the
location is compared to a whitelist and a blacklist and then, if the location is
not listed, the X.509 certificate is examined to determine the reputation of
the certificate. Rowan ¶ 79. This does not teach or suggest a two-step
process in which (1) the certificate is compared to a whitelist and blacklist
and, (2) if the certificate is not on either of those lists, determining the
reputation of the certificate authority.
Nor, based on the current record, are we persuaded that Pravetz—
either alone or in combination with Rowan—cures that deficiency. Pravetz
teaches that when a relying party 140 is not on a whitelist or a blacklist, it
can be authenticated in a different manner. See Pravetz ¶ 123. However,
relying party 140 is not a certificate or certificate authority; instead, relying
party 140 is a party that may be issued a certificate. See Pravetz ¶ 28.
For the reasons discussed above, based on the current record, neither
Rowan not Pravetz teach a two-step process in which the certificate is
compared to a whitelist and blacklist and, if it is not on either of those lists,
determining the reputation of the certificate authority. Therefore, we agree
with Appellant the Examiner’s finding that the combination of Rowan and
Appeal 2019-004476
Application 14/581,651

7
Pravetz teaches the disputed limitation is in error because it is not supported
by a preponderance of the evidence. See In re Caveney, 761 F.2d 671, 674
(Fed. Cir. 1985) (Examiner’s burden of proving non-patentability is by a
preponderance of the evidence); see also In re Warner, 379 F.2d 1011, 1017
(CCPA 1967) (“The Patent Office has the initial duty of supplying the
factual basis for its rejection. It may not, because it may doubt that the
invention is patentable, resort to speculation, unfounded assumptions or
hindsight reconstruction to supply deficiencies in its factual basis.”).
Accordingly, we are constrained on this record to reverse the
Examiner’s rejection of claim 1, along with the rejections of claims 9, 17,
and 24, which recite limitations commensurate in scope to the disputed
limitations discussed above, and dependent claims 5, 6, 13, 14, 21, 22, and
26.
Moreover, because the Examiner has not shown that McCorkendale or
Friedrichs cures the foregoing deficiencies regarding the rejection of the
independent claims, we will not sustain the obviousness rejection of
dependent claims 7, 8, 15, 16, 23, and 27–29 for similar reasons.

CONCLUSION
The Examiner’s rejection is reversed.
DECISION SUMMARY
Claims
Rejected
35 U.S.C. § Reference(s)/Basis Affirmed Reversed
1, 5, 6, 9,
13, 14, 17,
21, 22, 24,
26
103 Rowan, Pravetz 1, 5, 6, 9,
13, 14, 17,
21, 22, 24,
26
Appeal 2019-004476
Application 14/581,651

8
Claims
Rejected
35 U.S.C. § Reference(s)/Basis Affirmed Reversed
7, 8, 15, 16,
23
103 Rowan, Pravetz,
McCorkendale
7, 8, 15, 16,
23
27–29 103 Rowan, Pravetz,
Friedrichs
27–29
Overall
Outcome
1, 5–9, 13–
17, 21–24,
26–29

REVERSED