IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`In re Patent of: Larson et al.
`U.S. Patent No.: 7,987,274 Attorney Docket No.: 38868-0003IP2
`Issue Date:
`July 26, 2011
`Appl. Serial No.: 11/839,987
`Filing Date:
`August 16, 2007
`Title:
`METHOD FOR ESTABLISHING SECURE COMMUNICATION LINK
`
`BETWEEN COMPUTERS OF VIRTUAL PRIVATE NETWORK
`
`Mail Stop Patent Board
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`
`
`
`
`PETITION FOR INTER PARTES REVIEW OF UNITED STATES PATENT NO. 7,987,274
`PURSUANT TO 35 U.S.C. §§ 311–319, 37 C.F.R. § 42
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`TABLE OF CONTENTS
`
`I. 
`
`MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1) ........................................... 1 
`A.  Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1) ............................................ 1 
`B.  Related Matters Under 37 C.F.R. § 42.8(b)(2) .................................................... 1 
`C.  Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ................................. 2 
`D.  Service Information .............................................................................................. 2 
`PAYMENT OF FEES – 37 C.F.R. § 42.103 ................................................................ 2 
`II. 
`III.  REQUIREMENTS FOR IPR UNDER 37 C.F.R. §§ 42.104 ........................................ 3 
`A.  Grounds for Standing Under 37 C.F.R. § 42.104(a) ............................................ 3 
`B.  Challenge Under 37 C.F.R. § 42.104(b) and Relief Requested .......................... 3 
`C.  Claim Construction under 37 C.F.R. §§ 42.104(b)(3) .......................................... 5 
`1. “Virtual Private Network” and “Virtual Private Network Communication Link” ... 6 
`2. “Secure Network Address” ................................................................................ 9 
`3. “Secure Domain Name” ................................................................................... 10 
`4. “Secure Domain (Name) Service” ................................................................... 11 
`5. [X], [Y], [Y], Or Any Combination Thereof ....................................................... 13 
`6. Tunnel Packeting ............................................................................................. 13 
`7. Tunneling ......................................................................................................... 14 
`IV.  SUMMARY OF THE ‘274 PATENT ........................................................................... 15 
`A.  Brief Description ................................................................................................. 15 
`B.  Summary of the Prosecution History of the ’274 Patent .................................... 16 
`C.  The Effective Priority Date of the Claims of the ‘274 Patent .............................. 17 
`1. Claims 1-5, 7, 8, 10, 12, 13, 15, and 17 .......................................................... 18 
`2. Claim 18 .......................................................................................................... 19 
`MANNER OF APPLYING CITED PRIOR ART TO EVERY CLAIM FOR WHICH AN
`IPR IS REQUESTED, THUS ESTABLISHING A REASONABLE LIKELIHOOD THAT
`AT LEAST ONE CLAIM OF THE ‘274 PATENT IS UNPATENTABLE ..................... 21 
`A. 
`[GROUND 1] – Kiuchi Anticipates Claims 1-4, 7, 8, 10, 12, 15, and 17 ............ 22 
`B. 
`[GROUND 2] – Kiuchi in view of Lindblad Renders Claim 5 Obvious ............... 42 
`C. 
`[GROUND 3] – Kiuchi in view of Bhatti Renders Claims 1-4, 7, 8, 10, 12, 15, and
`17 Obvious ......................................................................................................... 44 
`[GROUND 4] – Kiuchi in view of Bhatti and Lindblad Renders Claim 5 Obvious
` ........................................................................................................................... 49 
`VI.  REDUNDACY ............................................................................................................ 50 
`VII.  CONCLUSION .......................................................................................................... 51 
`
`V. 
`
`D. 
`
`i
`
`

`

`
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`ii
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`EXHIBITS
`
`
`MSFT-1001
`
`MSFT-1002
`
`U.S. Patent No. 7,987,274 to Larson et al. (“the ‘274 patent”)
`
`Excerpts from the Prosecution History of the ‘274 Patent (“the Prose-
`cution History”)
`
`MSFT-1003
`
`(Reserved)
`
`MSFT-1004
`
`Takahiro Kiuchi et al., Proceedings of the 1996 Symposium on Net-
`work and Distributed Systems Security, C-HTTP -- The Development
`of a Secure, Closed HTTP-based Network on the Internet (Feb. 1996)
`(“Kiuchi”)
`
`MSFT-1005
`
`(Reserved)
`
`MSFT-1006
`
`(Reserved)
`
`MSFT-1007
`
`(Reserved)
`
`MSFT-1008
`
`
`
`(Reserved)
`
`MSFT-1009
`
`U.S. Patent No. 6,225,993 to Lindblad et al. (“Lindblad”)
`
`MSFT-1010
`
`U.S. Patent No. 8,200,837 to Bhatti et al. (“Bhatti”)
`
`MSFT-1011
`
`MSFT-1012
`MSFT-1013
`
`
`
`
`
`Declaration of Dr. Roch Guerin (“Guerin Declaration”)
`
`(Reserved)
`(Reserved)
`
`MSFT-1014
`
`(Reserved)
`
`MSFT-1015
`
`(Reserved)
`
`iii
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`Claim Construction Opinion and Order from VirnetX, Inc. v. Microsoft
`Corp., Docket No. 6:07CV80
`
`Joint Claim Construction Chart Pursuant To P.R. 4-5(d), VirnetX Inc.,
`vs. Cisco Systems, Inc., Docket No. 6:10-CV-417
`
`Claim Construction Opinion and Order from VirnetX Inc., vs. Cisco
`Systems, Inc., Docket No. 6:10-CV-417
`
`E. Gavron, RFC 1535, A Security Problem and Proposed Correction
`With Widely Deployed DNS Software (Oct. 1993)
`RFC 791, Internet Protocol (Sep. 1981)
`T. Berners-Lee et al., RFC 1945, Hypertext Transfer Protocol --
`HTTP/1.0 (May 1996)
`Kenneth F. Alden & Edward P. Wobber, The AltaVista Tunnel: Using
`the Internet to Extend Corporate Networks, 9 Digital Technical Journal
`2 (1997)
`Excerpts from the Prosecution History of Reexamination Control No.
`95/001,270
`Excerpts from the Prosecution History of Reexamination Control No.
`95/001,792
`U.S. Patent No. 7,188,180 to Larson et al. (“the ‘180 patent”)
`
`MSFT-1016
`
`MSFT-1017
`
`MSFT-1018
`
`
`MSFT-1019
`
`MSFT-1020
`MSFT-1021
`
`MSFT-1022
`
`MSFT-1023
`
`MSFT-1024
`
`MSFT-1025
`
`
`
`iv
`
`

`

`Microsoft Corporation (“Petitioner” or “Microsoft”) petitions for Inter Partes Review
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`(“IPR”) under 35 U.S.C. §§ 311–319 and 37 C.F.R. § 42 of claims 1-5, 7, 8, 10, 12, 15, and
`
`17 (“the Challenged Claims”) of U.S. Patent No. 7,987,274 (“the ‘274 patent”). As explained
`
`in this petition, there exists a reasonable likelihood that Microsoft will prevail with respect to
`
`at least one of the Challenged Claims.
`
`The Challenged Claims are unpatentable based on teachings set forth in at least the
`
`references presented in this petition. Microsoft respectfully submits that an IPR should be
`
`instituted, and that the Challenged Claims should be canceled as unpatentable.
`
`I.
`
`MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1)
`
`Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1)
`A.
`Petitioner, Microsoft Corporation, is the real party-in-interest.
`
`
`
`Related Matters Under 37 C.F.R. § 42.8(b)(2)
`B.
`Microsoft is aware of two terminal disclaimers filed during original prosecution of the
`
`‘274 patent. The first terminal disclaimer was filed on January 8, 2010 with regard to U.S.
`
`Patent No. 7,188,180. The second terminal disclaimer was filed on January 10, 2011 with
`
`regard to U.S. Application No. 11/679,416, which has since issued as U.S. Patent No.
`
`8,051,181. Microsoft is not aware of any reexamination certificates that have issued with
`
`regard to the ‘274 patent.
`
`Microsoft has been named as a defendant in a recently-filed litigation concerning the
`
`‘274 patent, VirnetX Inc. et al. v. Microsoft Corporation, Docket No. 6:13cv351 (E.D. Tex.)
`
`1
`
`

`

`(“the 2013 VirnetX Litigation”).
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`Concurrently with this petition, Microsoft is filing another petition for IPR (identified
`
`with attorney docket number 38868-0003IP1) of the ‘274 patent. The relationship between
`
`the limited grounds presented in these two petitions is discussed in Section VI. Microsoft
`
`has also filed petitions for IPR of claims of another patent at issue in the 2013 VirnetX Liti-
`
`gation, namely U.S. Patent No. 7,188,180 (“the ‘180 Patent”). The ‘274 Patent is a continu-
`
`ation of a continuation of the ‘180 Patent, and thus, the ‘274 Patent and the ‘180 Patent
`
`share a similar specification.
`
`Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3)
`C.
`Microsoft provides the following designation of counsel.
`
`LEAD COUNSEL
`W. Karl Renner, Reg. No. 41,265
`3200 RBC Plaza
`60 South Sixth Street
`Minneapolis, MN 55402
`T: 202-783-5070
`F: 202-783-2331
`
`
`BACKUP COUNSEL
`Kevin E. Greene, Reg. No. 46,031
`3200 RBC Plaza
`60 South Sixth Street
`Minneapolis, MN 55402
`T: 202-626-6376
`F: 202-783-2331
`
`Service Information
`D.
`Please address all correspondence and service to counsel at the address provided
`
`in Section I(C). Microsoft also consents to electronic service by email at IPR38868-
`
`0003IP2@fr.com.
`
`PAYMENT OF FEES – 37 C.F.R. § 42.103
`II.
`The Patent and Trademark Office is authorized to charge Deposit Account No. 06-
`
`2
`
`

`

`1050 for the fee set in 37 C.F.R. § 42.15(a) for this Petition and for payment for any addi-
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`tional fees.
`
`III. REQUIREMENTS FOR IPR UNDER 37 C.F.R. §§ 42.104
`
`Grounds for Standing Under 37 C.F.R. § 42.104(a)
`A.
`Microsoft certifies that the ‘274 Patent is eligible for IPR. The present petition is be-
`
`ing filed within one year of service of a complaint against Microsoft in the 2013 VirnetX liti-
`
`gation.1
`
`Challenge Under 37 C.F.R. § 42.104(b) and Relief Requested
`B.
`Microsoft requests an IPR of the Challenged Claims on the grounds set forth in the
`
`table shown below, and requests that each of the Challenged Claims be found unpatenta-
`
`ble. An explanation of how these claims are unpatentable under the statutory grounds iden-
`
`tified below is provided in the form of detailed description and claim charts that follow, indi-
`
`cating where each element can be found in the cited prior art, and the relevance of that prior
`
`art. Additional explanation and support for each ground of rejection is set forth in Exhibit
`
`MSFT-1011, the Declaration of Guerin (“Guerin Declaration”), referenced throughout this
`
`Petition.
`
`
`
`Ground
`Ground 1
`
`‘274 Patent Claims
`1-4, 7, 8, 10, 12, 15, and
`
`Basis for Rejection
`Anticipated under § 102 by Kiuchi
`
`
`1The 2013 VirnetX litigation was served on April 23, 2013.
`
`3
`
`

`

`Ground
`
`‘274 Patent Claims
`
`Ground 2
`
`Ground 3
`
`Ground 4
`
`17
`5
`
`1-4, 7, 8, 10, 12, 15, and
`17
`5
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`Basis for Rejection
`
`Obvious under § 103 based on Kiuchi in view
`of Lindblad
`Obvious under § 103 based on Kiuchi in view
`of Bhatti
`Obvious under § 103 based on Kiuchi in view
`of Bhatti and Lindblad
`
`
`
`
`
`
`The ‘274 patent issued from a string of applications dating back to an original appli-
`
`cation filed on October 30, 1998. However, the effective filing date for the embodiments re-
`
`cited by claims 1-5, 7, 8, 10, 12, 13, 15, and 17 of the ‘274 patent is no earlier than April 26,
`
`2000, and the effective filing date for the embodiment recited by claim 18 of the ‘274 patent
`
`is no earlier than August 16, 2007, as explained below in Section IV(C).
`
`Kiuchi qualifies as prior art under 35 U.S.C § 102(b). Specifically, Kiuchi was pub-
`
`lished at the latest on January 17, 1996, and therefore qualifies as prior art under 35 U.S.C
`
`§ 102(b). At present, Kiuchi has not been considered by the USPTO during prosecution of
`
`the ‘274 patent.
`
`Lindblad qualifies as prior art under 35 U.S.C. § 102(e). Specifically, Lindblad was
`
`filed on April 22, 1996. Therefore, Lindblad qualifies as prior art under 35 U.S.C § 102(e),
`
`because it was filed before any of the applications to which the ‘274 patent claims priority.
`
`Bhatti qualifies as prior art under 35 U.S.C § 102(e). Specifically, Bhatti was filed on
`
`April 26, 1999, and issued on June 12, 2012, and therefore qualifies as prior art under 35
`
`4
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`U.S.C § 102(e), as the ‘274 patent is entitled to a priority date no earlier than April 26, 2000.
`
`See, supra, Section IV(C). Bhatti has never before been considered by the Patent Office.
`
`Claim Construction under 37 C.F.R. §§ 42.104(b)(3)
`C.
`A claim subject to IPR is given its “broadest reasonable construction in light of the
`
`
`
`specification of the patent in which it appears.” 2 37 C.F.R. § 42.100(b). Accordingly, for
`
`purposes of this proceeding only, Microsoft submits constructions for the following terms. All
`
`remaining terms should be given their plain meaning.
`
`Under the law applicable to claim construction in IPR proceedings, the following
`
`claim terms should be construed applying the broadest reasonable interpretation to be
`
`broad enough to be covered by the corresponding definition:
`
`Claim Term
`
`“virtual private network”
`
`“virtual private network communication link”
`
`“secure network address”
`
`Definition Encompassed by Broadest
`Reasonable Interpretation
`a network of computers that privately com-
`municate with each other by encrypting traf-
`fic on insecure communication paths be-
`tween the computers
`any communication link between two end
`points in a virtual private network
`a network address that requires authoriza-
`tion for access and is associated with a
`computer configured to be accessed through
`a virtual private network
`
`
`2Because the standards of claim interpretation applied in litigation differ from PTO proceed-
`
`ings, any interpretation of claim terms in this IPR is not binding upon Microsoft in any litiga-
`
`tion related to the subject patent. See In re Zletz, 13 USPQ2d 1320, 1322 (Fed. Cir. 1989).
`
`5
`
`

`

`“secure domain name”
`
`“secure domain (name) service”
`
`“[x], [y], [z], or any combination thereof”
`
`“tunnel packeting”
`
`“tunneling”
`
`
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`a non-standard domain name that corre-
`sponds to a secure computer network ad-
`dress and cannot be resolved by a conven-
`tional domain name service (DNS)
`a service that can resolve secure computer
`network addresses for a secure domain
`name for which a conventional domain name
`service cannot resolve addresses
`any one of the elements [x], [y], or [z] or any
`combination of the elements [x], [y], or [z].
`encapsulating a first packet of a first protocol
`in a second packet of a second protocol
`encapsulating a payload of a first protocol in
`a second protocol
`
`The Federal Circuit has held that “the prosecution history of one patent is relevant to
`
`an understanding of the scope of a common term in a second patent stemming from the
`
`same parent application.” Microsoft Corp. v. Multi-Tech Systems, Inc., 357 F.3d 1340, 1349
`
`(Fed. Cir. 2004). As described above, the ‘274 patent purports to be a continuation of a
`
`continuation of the ‘180 patent, and both stem from U.S. Application Ser. No. 09/558,209.
`
`Therefore, the following analysis includes reference to the ‘180 patent and its prosecution
`
`history, as well as a court’s analysis of these with regard to the same or similar terms.
`
`1. “Virtual Private Network” and “Virtual Private Network Com-
`munication Link”
`The ‘274 patent does not provide an explicit definition for “virtual private network.”
`
`However, the specification of the parent ‘180 patent states, “[i]f the user is not authorized to
`
`access the secure site, then a ‘host unknown’ message is returned (step 2705). If the user
`
`has sufficient security privileges, then in step 2706 a secure VPN is established between
`
`6
`
`

`

`the user’s computer and the secure target site.” Ex 1025, 39:21-25.3 This excerpt shows
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`how a “virtual private network” establishes a secure connection between nodes where secu-
`
`rity may not otherwise exist. Ex. 1016, p. 5.
`
`Similarly, the ‘274 patent does not provide an explicit definition for “communication
`
`link.” However, the specification refers to “software module 3309 access[ing] secure server
`
`3320 through VPN communication link 3321.” Ex. 1001, 52:55-56. In FIG. 33, the commu-
`
`nication link 3321 is illustrated as only the portion of the path between computer 3301 and
`
`server 3320 that is over network 3302.
`
`In the currently pending Inter Partes Reexamination No. 95/001,792 (“the ‘792
`
`Reexamination”), which involves the parent ‘180 patent, VirnetX has not proposed a specific
`
`definition for a virtual private network or a virtual private network communication link. In-
`
`stead, VirnetX simply argued that messages sent before a communication link has been es-
`
`tablished cannot be sent using that same communication link. See Ex. 1024 pp. 314-316
`
`(Patent Owner’s Response filed on Dec. 19, 2012, pp. 5-7). Similarly, the Examiner did not
`
`provide an explicit definition, though the Examiner asserted that “the claim term ‘private’
`
`modifies the claim term ‘network’ and as such, [a reference] must teach the ‘privacy’ of the
`
`
`3The description of FIGS. 26-28, which was originally included in the parent ‘180 patent,
`
`was missing from the filed specification of the ‘274 patent, even though the ‘274 patent pur-
`
`ports to be a continuation of a continuation of the ‘180 patent.
`
`7
`
`

`

`‘network’ and not just the privacy of the ‘communication link’ to anticipate the claims.” Ex.
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`1024, p. 225 (Action Closing Prosecution of Feb. 27, 2013, p. 4).
`
`In VirnetX Inc. v. Microsoft Corp., Docket No. 6:07CV80 (the 2007 VirnetX litigation),
`
`which involved the parent ‘180 patent, VirnetX contended that “virtual private network”
`
`means “a network of computers capable of privately communicating with each other by en-
`
`crypting traffic on insecure communication paths between the computers, and which is ca-
`
`pable of expanding to include additional computers and communication paths.” Ex. 1016, p.
`
`4. However, the Court more broadly construed “virtual private network” to mean “a network
`
`of computers which privately communicate with each other by encrypting traffic on insecure
`
`communication paths between the computers.” Id. The Court clarified that “[t]he Court’s
`
`construction does not limit a ‘virtual private network’ to any particular number of computers
`
`or communication paths. Thus, VirnetX’s proposed language [regarding expansion to in-
`
`clude additional computers] is superfluous.” Ex. 1016, n. 3.
`
`In light of the ‘180 patent’s specification, the ‘792 reexamination, and the Court’s ex-
`
`planation of why it rejected VirnetX’s proposed construction, Microsoft submits that the
`
`broadest reasonable interpretation of the term “virtual private network” should at least be as
`
`broad as the Court’s construction from the 2007 VirnetX litigation: “a network of computers
`
`that privately communicate with each other by encrypting traffic on insecure communication
`
`paths between the computers.” The same Court determined that the term “communication
`
`link,” while not requiring specific construction, should not be limited to “the entire communi-
`
`8
`
`

`

`cation path between computers in a virtual private network.” See Ex. 1016, p. 26. Thus,
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`Microsoft submits that the broadest reasonable interpretation of the term “virtual private
`
`network communication link” should be broad enough to encompass “any communication
`
`link between two end points in a virtual private network.” These constructions are not in-
`
`consistent with the ‘274 patent’s specification, as well as the ‘792 reexamination and the
`
`2007 VirnetX litigation. See Ex. 1011, ¶¶ 19-21.
`
`2. “Secure Network Address”
`The ‘274 patent does not provide an explicit definition for “secure network address.”
`
`The specification simply states that “SDNS 3313 stores a computer network address corre-
`
`sponding to the secure domain name.” Ex. 1001, 47:17-19.
`
`In a reexamination of the parent ‘180 patent, VirnetX suggested that a computer hav-
`
`ing a “secure network address” requires authorization for access or communication. See
`
`Ex. 1023, p. 230 (“Response to Office Action in Reexamination” dated Apr. 19, 2010, p. 6).
`
`This was preceded, in the 2007 VirnetX litigation, by VirnetX suggesting that “secure com-
`
`puter network address” means “a network address associated with a computer capable of
`
`virtual private network communications.” Ex. 1016, p. 28. With no clear definition present-
`
`ed by the ‘274 patent specification, Microsoft submits that the broadest reasonable interpre-
`
`tation (for this proceeding) of the term “secure computer network address” should encom-
`
`pass the features referenced by VirnetX in each proceeding. As such, Microsoft submits
`
`that the broadest reasonable interpretation of “secure network address” should be broad
`
`9
`
`

`

`enough to encompass “a network address that requires authorization for access and is as-
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`sociated with a computer configured to support virtual private network communications,” as
`
`this is not inconsistent with the ‘274 patent’s specification and the scope that VirnetX has
`
`advanced during both reexamination and litigation involving the parent ‘180 patent. See Ex.
`
`1011, ¶ 22.
`
`3. “Secure Domain Name”
`The ‘274 patent describes that a “secure domain name” is a domain name that cor-
`
`responds to a secure computer 3320. Ex. 1001, 47:48-51. The ‘274 patent describes that,
`
`“[b]ecause the secure top-level domain name is a non-standard domain name, a query to a
`
`standard domain name service (DNS) will return a message indicating that the universal re-
`
`source locator (URL) is unknown.” Ex. 1001, 46:41-44.
`
`In Inter Partes Reexamination No. 95/001,270 (“‘270 Reexamination”), which in-
`
`volved the parent ‘180 patent, VirnetX asserted that a “secure domain name” is a name that
`
`“cannot be resolved by a conventional domain name service.” Ex. 1023, p. 230 (“Response
`
`to Office Action in Reexamination” filed Apr. 19, 2010 at 6). Accepting VirnetX’s arguments,
`
`the Examiner in the ‘270 Reexamination asserted that “a secure domain name is a non-
`
`standard domain name and that querying a convention domain name server using a secure
`
`domain name will result in a return message indicating that the URL is unknown.” Ex. 1023,
`
`p. 119 (Action Closing Prosecution of Jun. 16, 2010, p. 3).
`
`Accordingly, Microsoft submits that the broadest reasonable interpretation of the
`
`10
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`term “secure domain name” should be broad enough to encompass “a non-standard domain
`
`name that corresponds to a secure computer network address and cannot be resolved by a
`
`conventional DNS,” as this is not inconsistent with the ‘274 patent’s specification and the
`
`scope that VirnetX has advanced during both reexamination and litigation. See Ex. 1011, ¶
`
`23. In fact, this interpretation is identical to the construction to which VirnetX agreed in the
`
`VirnetX Inc., vs. Cisco Systems, Inc. litigation numbered 6:10-CV-417, which involved the
`
`parent ‘180 patent. Ex. 1017, pp. 19-20.
`
`4. “Secure Domain (Name) Service”
`The ‘274 patent describes that, “for each secure domain name, SDNS 3313 stores a
`
`computer network address corresponding to the secure domain name.” Ex. 1001, 47:17-19.
`
`Accordingly, “[a]n entity can register a secure domain name in SDNS 3313 so that a user
`
`who desires a secure communication link to the website of the entity can automatically ob-
`
`tain the secure computer network address for the secure website.” Ex. 1001, 47:19-22.
`
`Claim 1 of the ‘274 patent uses both of the terms “a secure domain service” and “the
`
`secure domain name service” to apparently refer to the same limitation. In particular, claim
`
`1 recites “sending a query message . . . to a secure domain service” and “receiving . . . a
`
`response message from the secure domain name service.” Moreover, the term “secure
`
`domain service” is not used anywhere in the ‘274 patent outside of the claims.
`
`In the ‘270 Reexamination that involved the parent ‘180 patent, VirnetX argued that
`
`the claim term “secure domain name service” should be understood to refer to something
`
`11
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`“different from a conventional domain name service.” Ex. 1023, p. 232 (“Response to Office
`
`Action in Reexamination” filed Apr. 19, 2010 at 8). In making this argument, VirnetX noted
`
`that “the ‘180 Patent explicitly states that a secure domain name service can resolve ad-
`
`dresses for a secure domain name; whereas, a conventional domain name service cannot
`
`resolve addresses for a secure domain name.” Id. at 7. The Examiner in the ‘270 Reexam-
`
`ination agreed with VirnetX, finding that “the ‘180 patent explains that a secure domain
`
`name service can resolve addresses for a secure domain name whereas a conventional
`
`domain name service cannot resolve addresses for a secure domain name.” Ex. 1023, p.
`
`119 (Action Closing Prosecution of Jun. 16, 2010 at 3).
`
`In the 2007 VirnetX litigation that involved the parent ‘180 patent, VirnetX asserted
`
`that a “secure domain name service” is “a service that receives requests for secure comput-
`
`er network addresses corresponding to secure domain names, and is capable of providing
`
`trustworthy responses.” Ex 1016, p. 31. The Court adopted a similar construction, constru-
`
`ing a “secure domain name service” as “a lookup service that returns a secure network ad-
`
`dress for a requested secure domain name.” Id.
`
`Microsoft submits that the broadest reasonable interpretation of the term “secure
`
`domain name service” in the patent should be broad enough to encompass “a service that
`
`can resolve secure computer network addresses for a secure domain name for which a
`
`conventional domain name service cannot resolve addresses,” as this is not inconsistent
`
`with the ‘274 patent’s specification and the scope that VirnetX has advanced during both
`
`12
`
`

`

`reexamination and litigation that involved the parent ‘180 patent. See Ex. 1011, ¶ 24.
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`5. [X], [Y], [Y], Or Any Combination Thereof
`Claims 3-5 each include a list of elements that takes the form of “[x], [y], [z], or any
`
`combination thereof.” In particular, claim 3 recites that “the plurality of services comprises a
`
`plurality of communication protocols, a plurality of application programs, multiple sessions,
`
`or any combination thereof.” Claim 4 recites that “the plurality of application programs com-
`
`prises video conferencing, e-mail, a word processing program, telephony or any combina-
`
`tion thereof.” Claim 5 recites that “the plurality of services comprises audio, video, or any
`
`combination thereof.”
`
`The plain meaning of “or” is disjunctive. See Schumer v. Laboratory Computer Sys-
`
`tems, Inc. 308 F.3d 1304, 1311 (Fed. Cir. 2002) (citing WEBSTER'S THIRD NEW INTERNATIONAL
`
`DICTIONARY 1585 (1967)) (stating that “or” is “used as a function word to indicate . . . an al-
`
`ternative between different or unlike things, states, or actions”). Nothing in the specification
`
`of the ‘274 patent suggests that the inventors intended a different meaning of the word “or.”
`
`Therefore, Microsoft submits that the broadest reasonable interpretation of the form “[x], [y],
`
`[z], or any combination thereof” should be broad enough to encompass “any one of the ele-
`
`ments [x], [y], or [z] or any combination of the elements [x], [y], or [z].”
`
`6. Tunnel Packeting
`Though recited in dependent claim 13, the term “tunnel packeting” does not appear
`
`anywhere in the specification of the ‘274 patent. Nor is the term “tunnel packeting” a term of
`
`13
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`art. [[cite to dec.]] Though this term appears to lack the necessary support under 35 U.S.C.
`
`§ 112, Microsoft proposes a construction of this term purely for rational analysis of a prior
`
`art rejection of claim 13. In this light, it is noted that the term “tunnel packeting” uses the
`
`term tunnel. The ‘274 patent describes that “[t]he client-side proxy application program tun-
`
`nels the unencrypted, unprotected communication packets through a new protocol.” Ex.
`
`1001, 49:31-34. Based on this description, tunneling in the context of the ‘274 patent in-
`
`volves encapsulating an item of one protocol in an item of another protocol. See Ex. 1011,
`
`¶ 25. Accordingly, Microsoft submits that the broadest reasonable interpretation of the term
`
`“tunnel packeting” should be broad enough to encompass “encapsulating a first packet of a
`
`first protocol in a second packet of a second protocol.” See Ex. 1011, ¶ 25.
`
`7. Tunneling
`The ‘274 patent describes that “[t]he client-side proxy application program tunnels
`
`the unencrypted, unprotected communication packets through a new protocol, thereby pro-
`
`tecting the communications from a denial of service at the server side.” Ex. 1001, 49:31-34.
`
`This is an example of a tunnel implemented at the network layer, since it is encapsulating
`
`individual packets. However, at the time of the ‘274 patent, it was well known that tunnels
`
`could also be implemented at other levels, such as the application level (e.g., an HTTP tun-
`
`nel). See Ex. 1011, ¶ 26. Accordingly, Microsoft submits that the broadest reasonable in-
`
`terpretation of the term “tunneling” should be broad enough to encompass “encapsulating a
`
`payload of a first protocol in a second protocol,” as this is not inconsistent with the ‘274 pa-
`
`14
`
`

`

`tent’s specification. See Ex. 1011, ¶ 26. This interpretation differentiates the term “tunnel-
`
`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`ing” recited in dependent claim 12 from the different term “tunnel packeting” recited in de-
`
`pendent claim 13, which, as described above, is a tunnel at the network layer.
`
`
`
`While the broadest reasonable interpretations may encompass more than the fea-
`
`tures set forth in the constructions above, Microsoft submits that the broadest reasonable
`
`interpretations of the terms “secure domain name,” “secure domain name service,” “secure
`
`computer network address,” and “virtual private network communication link” at least en-
`
`compass these features for purposes of this proceeding. As will be described below, Kiuchi
`
`describes these features of a “secure domain name,” a “secure domain name service,” a
`
`“secure computer network address,” and a “virtual private network communication link.”
`
`IV. SUMMARY OF THE ‘274 PATENT
`
`Brief Description
`A.
`Generally, the ‘274 Patent is directed to establishing a secure communication link
`
`between a first computer and a second computer over a computer network. Ex. 1001, Ab-
`
`stract. In particular, the ‘274 patent describes:
`
`In one embodiment, software module 3309 automatically replaces the top-
`level domain name for server 3304 within browser 3406 with a secure top-
`level domain name for server computer 3304. . . . Because the secure top-
`level domain name is a non-standard domain name, a query to a standard
`domain name service (DNS) will return a message indicating that the univer-
`
`15
`
`

`

`Attorney Docket No. 38868-0003IP2
`IPR of U.S. Patent No. 7,987,274
`
`
`sal resource locator URL) is unknown. According to the invention, software
`module 3409 contains the URL for querying a secure domain name service
`(SDNS) for obtaining the URL for a secure top-level domain name. . . . SDNS
`3313 contains a cross-reference database of secure domain names and cor-
`responding secure network addresses. That is, for each secure domain
`name, SDNS 3313 store