IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`In re Patent of: Munger et al.
`U.S. Patent No.: 7,490,151 Attorney Docket No.: 38868-0006IP1
`Issue Date:
`February 10, 2009
`Appl. Serial No.: 10/259,494
`Filing Date:
`September 30, 2002
`Title:
`ESTABLISHMENT OF A SECURE COMMUNICATION LINK BASED ON
`A DOMAIN NAME SERVICE (DNS) REQUEST
`
`
`Mail Stop Patent Board
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`PETITION FOR INTER PARTES REVIEW OF UNITED STATES PATENT NO. 7,490,151
`PURSUANT TO 35 U.S.C. §§ 311–319, 37 C.F.R. § 42
`
`
`
`
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`TABLE OF CONTENTS
`
`I. 
`
`II. 
`III. 
`
`IV. 
`
`V. 
`
`MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1) ........................................... 1 
`A.  Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1) ............................................ 1 
`B.  Related Matters Under 37 C.F.R. § 42.8(b)(2) .................................................... 1 
`C.  Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ................................. 2 
`D.  Service Information .............................................................................................. 2 
`PAYMENT OF FEES – 37 C.F.R. § 42.103 ................................................................ 3 
`REQUIREMENTS FOR IPR UNDER 37 C.F.R. § 42.104 .......................................... 3 
`A.  Grounds for Standing Under 37 C.F.R. § 42.104(a) ............................................ 3 
`B.  Challenge Under 37 C.F.R. § 42.104(b) and Relief Requested .......................... 3 
`C.  Claim Construction under 37 C.F.R. §§ 42.104(b)(3) .......................................... 5 
`1. 
`Domain Name ............................................................................................ 6 
`2. 
`DNS Request ............................................................................................. 6 
`3. 
`Secure Server ............................................................................................ 6 
`4. 
`Automatically Initiating/Creating an Encrypted/Secure Channel ............... 7 
`5. 
`Client ......................................................................................................... 7 
`6. 
`Between [A] and [B] ................................................................................... 8 
`SUMMARY OF THE ‘151 PATENT ............................................................................. 8 
`A.  Brief Description ................................................................................................... 8 
`B.  Summary of the Prosecution History of the ‘151 Patent ...................................... 9 
`C.  The Effective Priority Date of the Claims of the ‘151 Patent ................................ 9 
`MANNER OF APPLYING CITED PRIOR ART TO EVERY CLAIM FOR WHICH AN
`IPR IS REQUESTED, THUS ESTABLISHING A REASONABLE LIKELIHOOD THAT
`AT LEAST ONE CLAIM OF THE ‘151 PATENT IS UNPATENTABLE ..................... 11 
`A. 
`[GROUND 1] – Kiuchi Anticipates Claims 1, 2, 6-8, and 12-14 ......................... 11 
`1. 
`Kiuchi Anticipates Claim 1 ....................................................................... 18 
`2. 
`Kiuchi Anticipates Claim 7 ....................................................................... 23 
`3. 
`Kiuchi Anticipates Claim 13 ..................................................................... 24 
`4. 
`Kiuchi Anticipates Claims 2, 8, and 14 .................................................... 26 
`5. 
`Kiuchi Anticipates Claims 6 and 12 ......................................................... 27 
`[GROUND 2] – Kiuchi In View of RFC 2660 Renders Obvious Claims 1, 2, 6-8,
`and 12-14 ........................................................................................................... 27 
`[GROUND 3] – Kiuchi In View of RFC 1034 Renders Obvious Claims 1, 2, 6-8,
`and 12-14 ........................................................................................................... 31 
`1. 
`Kiuchi In View of RFC 1034 Renders Obvious Claim 1 .......................... 34 
`2. 
`Kiuchi In View of RFC 1034 Renders Obvious Claim 7 .......................... 39 
`3. 
`Kiuchi In View of RFC 1034 Renders Obvious Claim 13 ........................ 40 
`
`C. 
`
`B. 
`
`i
`
`

`

`D. 
`
`E. 
`
`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`Kiuchi In View of RFC 1034 Renders Obvious Claims 2, 8, and 14........ 42 
`4. 
`Kiuchi In View of RFC 1034 Renders Obvious Claims 6 and 12 ............. 43 
`5. 
`[GROUND 4] – Kiuchi In View of RFC 1034 and Further In View of RFC 2660
`Renders Obvious Claims 1, 2, 6-8, and 12-14 ................................................... 43 
`[GROUND 5] – Aventail Anticipates Claims 1, 2, 6-8, and 12-14 ...................... 44 
`1. 
`Aventail Anticipates Claim 1 .................................................................... 47 
`2. 
`Aventail Anticipates Claim 7 .................................................................... 52 
`3. 
`Aventail Anticipates Claims 13 ................................................................ 52 
`4. 
`Aventail Anticipates Claims 2, 8, and 14 ................................................. 54 
`5. 
`Aventail Anticipates Claims 6 and 12 ...................................................... 55 
`[GROUND 6] – Aventail Connect In View of Aventail Extranet Center Renders
`Obvious Claims 1, 2, 6-8, and 12-14 ................................................................. 56 
`[GROUND 7] – Aventail In View of RFC 2660 Renders Obvious Claims 1, 2, 6-
`8, and 12-14 ....................................................................................................... 57 
`CONCLUSION .......................................................................................................... 60 
`
`G. 
`
`F. 
`
`VI. 
`
`
`ii
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`EXHIBITS
`
`
`MSFT-1001
`
`MSFT-1002
`
`U.S. Patent No. 7,490,151 to Munger et al. (“the ‘151 patent”)
`
`Excerpts from the Prosecution History of the ‘151 Patent (“the Prose-
`cution History”)
`
`MSFT-1003
`
`Declaration of Dr. Roch Guerin re the ‘151 Patent
`
`MSFT-1004
`
`Curriculum Vitae of Roch Guerin
`
`MSFT-1005
`
`Declaration of Chris A. Hopen re the ’151 Patent
`
`MSFT-1006
`
`Declaration of James Chester re the ’151 Patent
`
`MSFT-1007
`
`Aventail Connect v3.01/2.51 Administrator’s Guide and Aventail Ex-
`traNet Server v3.0 Administrator’s Guide (UNIX and Windows NT)
`(1996-1999)
`
`MSFT-1008
`
`Mockapetris, P., RFC 1034, “Domain Names – Concepts and Facili-
`ties,” November 1987
`
`MSFT-1009
`
`(Reserved)
`
`MSFT-1010
`
`MSFT-1011
`
`Rescorla, E., et al., Draft 01 of RFC 2660, “The Secure HyperText
`Transfer Protocol,” February 1996
`
`Bradner, S., RFC 2026, “The Internet Standards Process – Revision
`3,” October 1996
`
`MSFT-1012 to MSFT 1014 (Reserved)
`
`MSFT-1015
`
`VirnetX’s Reply Claim Construction Brief in VirnetX Inc. v. Cisco Sys-
`tems, Inc., et al., 6:10-CV-417 (12/19/11) (EDTX)
`
`MSFT-1016 to MSFT 1017 (Reserved)
`
`iii
`
`

`

`MSFT-1018
`
`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`Takahiro Kiuchi and Shigekoto Kaihara, “C-HTTP – The Development
`of a Secure, Closed HTTP-based Network on the Internet,” published
`by IEEE in the Proceedings of SNDSS 1996
`
`MSFT-1019
`
`IPR2013-00354, Patent Owner’s Preliminary Response
`
`MSFT-1020 to MSFT-1026 (RESERVED)
`
`MSFT-1027
`
`Excerpts from the History of Inter Partes Reexamination No.
`95/001,697
`
`MSFT-1028
`
`IPR2013-00376, Petition for Inter Partes Review
`
`
`
`iv
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`Microsoft Corporation (“Petitioner” or “Microsoft”) petitions for Inter Partes Review
`
`(“IPR”) under 35 U.S.C. §§ 311–319 and 37 C.F.R. § 42 of claims 1, 2, 6-8, and 12-14 (“the
`
`Challenged Claims”) of U.S. Patent No. 7,490,151(“the ‘151 patent”). As explained in this
`
`petition, there exists a reasonable likelihood that Microsoft will prevail with respect to at
`
`least one of the Challenged Claims.
`
`The Challenged Claims are unpatentable based on teachings set forth in at least the
`
`references presented in this petition. Microsoft respectfully submits that an IPR should be
`
`instituted, and that the Challenged Claims should be canceled as unpatentable.
`
`I.
`
`MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1)
`
`Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1)
`A.
`Petitioner, Microsoft Corporation, is the real party-in-interest.
`
`
`
`Related Matters Under 37 C.F.R. § 42.8(b)(2)
`B.
`The ‘151 patent is the subject of a number of civil actions including: (i) Civ. Act. No.
`
`6:13-cv-00211-LED (E.D. Tex.), filed February 26, 2013; (ii) Civ. Act. No. 6:12-cv-00855-
`
`LED (E.D. Tex.), filed November 6, 2012; (iii) Civ. Act. No. 6:10-cv-00417-LED (E.D. Tex.),
`
`filed August 11, 2010; (iv) Civ. Act. No. 6:11-cv-00018-LED (E.D. Tex), (v) Civ. Act. No.
`
`6:13-cv-00351-LED (E.D. Tex), filed April 22, 2013 (“the 2013 VirnetX litigation”); (vi) Civ.
`
`Act. No. 6:10-cv-00094 (E.D. Tex); and (vii) Civ. Act. No. 6:07-cv-00080 (E.D. Tex).
`
`The ’151 patent is also the subject of merged inter partes reexamination nos.
`
`95/001,697 and 95/001,714. In the merged proceedings, the Office issued a Non-Final Ac-
`
`1
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`tion on April 20, 2012 rejecting all 16 claims of the ’151 patent, including rejections based on
`
`several prior art references relied upon in this Petition. In sum, the Office has rejected each
`
`of claims 1-16 as being anticipated or obvious based on Ex. 1007 (Aventail) and Ex. 1067
`
`(Kiuchi) as well as over several other prior art references.
`
`The ‘151 patent is the subject of a petition for inter partes review filed by RPX Corpo-
`
`ration, which has been designated as IPR2014-00173. The ‘151 patent was also the sub-
`
`ject of petitions for inter partes review filed by New Bay Capital, LLC, which was designated
`
`as IPR2013-00376 and subsequently dismissed, and by Apple Inc., which was designated
`
`as IPR2013-00354 and not instituted.
`
`Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3)
`C.
`Microsoft provides the following designation of counsel.
`
`LEAD COUNSEL
`W. Karl Renner, Reg. No. 41,265
`3200 RBC Plaza
`60 South Sixth Street
`Minneapolis, MN 55402
`T: 202-783-5070
`F: 202-783-2331
`
`
`BACKUP COUNSEL
`Kevin E. Greene, Reg. No. 46,031
`3200 RBC Plaza
`60 South Sixth Street
`Minneapolis, MN 55402
`T: 202-626-6376
`F: 202-783-2331
`
`Service Information
`D.
`Please address all correspondence and service to counsel at the address provided
`
`in Section I(C). Microsoft also consents to electronic service by email at IPR38868-
`
`0006IP1@fr.com.
`
`2
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`PAYMENT OF FEES – 37 C.F.R. § 42.103
`II.
`Microsoft authorizes the Patent and Trademark Office to charge Deposit Account No.
`
`06-1050 for the fee set in 37 C.F.R. § 42.15(a) for this Petition and further authorizes pay-
`
`ment for any additional fees to be charged to this Deposit Account.
`
`III.
`
`REQUIREMENTS FOR IPR UNDER 37 C.F.R. § 42.104
`A.
`Grounds for Standing Under 37 C.F.R. § 42.104(a)
`Microsoft certifies that the ‘151 Patent is eligible for IPR. Microsoft is a named de-
`
`fendant in the 2013 VirnetX litigation, but the present petition is being filed within one year of
`
`service of a complaint against Microsoft in the 2013 VirnetX litigation.1 Microsoft is not
`
`barred or estopped from requesting this review challenging the Challenged Claims on the
`
`below-identified grounds.
`
`Challenge Under 37 C.F.R. § 42.104(b) and Relief Requested
`B.
`Microsoft requests an IPR of the Challenged Claims on the grounds set forth in the
`
`table shown below, and requests that each of the Challenged Claims be found unpatenta-
`
`ble. An explanation of how these claims are unpatentable under the statutory grounds iden-
`
`tified below is provided in the form of a detailed description that indicates where each ele-
`
`ment can be found in the cited prior art, and the relevance of that prior art. Additional ex-
`
`planation and support for each ground of rejection is set forth in Exhibit MSFT-1003, the
`
`Declaration of Dr. Roch Guerin (“Guerin Declaration”), referenced throughout this Petition.
`
`
`1The complaint in the 2013 VirnetX litigation was served on April 23, 2013.
`
`3
`
`

`

`Ground
`Ground 1
`Ground 2
`
`‘151 Patent Claims
`1, 2, 6-8, and 12-14
`1, 2, 6-8, and 12-14
`
`Ground 3
`
`1, 2, 6-8, and 12-14
`
`Ground 4
`
`1, 2, 6-8, and 12-14
`
`Ground 5
`Ground 6
`
`1, 2, 6-8, and 12-14
`1, 2, 6-8, and 12-14
`
`Ground 7
`
`1, 2, 6-8, and 12-14
`
`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`Basis for Rejection
`Anticipated under § 102 by Kiuchi
`Obvious under § 103 based on Kiuchi in view
`of RFC 2660
`Obvious under § 103 based on Kiuchi in view
`of RFC 1034
`Obvious under § 103 based on Kiuchi in view
`of RFC 1034 and further in view of RFC 2660
`Anticipated under § 102 by Aventail
`Obvious under § 103 based on Aventail Con-
`nect in view of Aventail Extranet Center
`Obvious under § 103 based on Aventail in
`view of RFC 2660
`
`The ‘151 patent issued from a string of applications allegedly dating back to an origi-
`
`nal application filed on October 30, 1998. However, as outlined in Section IV(C), the effec-
`
`tive filing date for the embodiments recited by claims 1, 2, 6-8, and 12-14 of the ‘151 patent
`
`is no earlier than February 15, 2000.
`
`Kiuchi qualifies as prior art under 35 U.S.C § 102(b). Specifically, Kiuchi (Ex. 1018)
`
`is a printed publication that was presented at the 1996 Symposium on Network and Distrib-
`
`uted Systems Security (SNDSS) on February 22 & 23, 1996, and published by IEEE in the
`
`Proceedings of SNDSS 1996. Ex. 1018.
`
`4
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`Aventail qualifies as prior art under §§ 102(a) and (b). Specifically, Aventail (Ex.
`
`1007) is a printed publication that was publicly distributed no later than January 31, 1999.
`
`Ex. 10052 at ¶¶ 11-36; Ex. 1006 at ¶¶ 11-24.
`
`RFC 1034 qualifies as prior art under 35 U.S.C § 102(b). Specifically, RFC 1034
`
`(Ex. 1008) was published in November 1987 by the Internet Engineering Task Force (IETF).
`
`RFC 1034 was publically distributed no later than November 1987. Ex. 1008.
`
`RFC 2660 qualifies as prior art under 35 U.S.C § 102(b). Specifically, draft 01 of
`
`RFC 2660 (Ex. 1010) was published in February 1996 by the Internet Engineering Task
`
`Force (IETF). RFC 2660 was publically distributed no later than February 1996. Ex. 1010.
`
`Claim Construction under 37 C.F.R. §§ 42.104(b)(3)
`C.
`A claim subject to IPR is given its “broadest reasonable construction in light of the
`
`
`
`specification of the patent in which it appears.” 3 37 C.F.R. § 42.100(b). For purposes of
`
`
`2 Exs. 1005 and 1006 are declarations that were submitted in co-pending IPR2014-00173.
`
`Microsoft has attached the exhibits referenced in each declaration that are not otherwise
`
`submitted as exhibits with this petition.
`
`3 Because the standards of claim interpretation applied in litigation differ from PTO proceed-
`
`ings, any interpretation of claim terms in this IPR is not binding upon Microsoft in any litiga-
`
`tion related to the subject patent. See In re Zletz, 13 USPQ2d 1320, 1322 (Fed. Cir. 1989).
`
`Additionally, Microsoft does not acquiesce to Patent Owner’s or the district court’s (or any-
`
`
`
`5
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`this proceeding only, Microsoft submits constructions for the following terms. All remaining
`
`terms should be given their plain meaning.
`
`1. Domain Name
`The Patent Owner has asserted to the PTAB that that a “domain name” means “a
`
`name corresponding to network address.” Ex. 1019, p. 28. In view of the Patent Owner’s
`
`assertions, it is reasonable, for purposes of this proceeding in which the broadest reasona-
`
`ble construction standard applies, to consider the term “domain name” as encompassing “a
`
`name corresponding to a network address.”
`
`2. DNS Request
`The Patent Owner has asserted to the PTAB that that a “DNS request” means “a re-
`
`quest for a resource corresponding to a domain name.” Ex. 1019 at pp. 28-29. In view of
`
`the Patent Owner’s assertions, it is reasonable, for purposes of this proceeding in which the
`
`broadest reasonable construction standard applies, to consider the term “DNS request” as
`
`encompassing “a request for a resource corresponding to a domain name.”
`
`3. Secure Server
`
`The Patent Owner has asserted to the PTAB that a “secure server” means “a server
`
`that requires authorization for access and that can communicate in an encrypted channel.”
`
`Ex. 1019 at 38-39. In view of the Patent Owner’s assertions, it is reasonable, for purposes
`
`one else’s) constructions, and otherwise reserves all of its rights to argue, contest, and/or
`
`appeal the constructions.
`
`6
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`of this proceeding in which the broadest reasonable construction standard applies, to con-
`
`sider the term “secure server” as encompassing “a server that requires authorization for ac-
`
`cess and that can communicate in an encrypted channel.”
`
`4. Automatically Initiating/Creating an Encrypted/Secure Channel
`The Patent Owner has asserted to the PTAB “automatically initiating/creating an en-
`
`crypted/secure channel” means “initiating/creating the encrypted/secure channel without in-
`
`volvement of a user.” Ex. 1019 at 41-42. In view of the Patent Owner’s assertions, it is rea-
`
`sonable, for purposes of this proceeding in which the broadest reasonable construction
`
`standard applies, to consider “automatically initiating/creating an encrypted/secure channel”
`
`as encompassing “initiating/creating the encrypted/secure channel without involvement of a
`
`user.”
`
`5. Client
`Petitioner proposes that a “client,” under the broadest reasonable interpretation of
`
`that term, encompasses “a computer or program from which a data request to a server is
`
`generated.” This is not inconsistent with the ‘151 patent’s specification and the understand-
`
`ing one of ordinary skill in the art would ascribe to this term when identifying the broadest
`
`reasonable construction. See Ex. 1003 at ¶ 16.
`
`In particular, the ‘151 patent describes that “user's computer 2501 includes a client
`
`application 2504 (for example, a web browser) and an IP protocol stack 2505.” Ex. 1001 at
`
`37:1-3. Notably this sentence uses the term “client” with regard to an application, not the
`
`7
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`“user’s computer.” Thus, under this term’s broadest reasonable interpretation, the ‘151 pa-
`
`tent supports that “client” may refer to an application, not just a physical machine.
`
`6. Between [A] and [B]
`In prior litigation involving the ‘151 patent, the Patent Owner argued against the De-
`
`fendant’s construction that “between” should mean “extend from one endpoint to the other,”
`
`and instead stated that “between” should only apply to the “public communication paths.”
`
`Ex. 1015, p. 10. Under the Patent Owner’s contentions, an encrypted/secure channel is
`
`“between” a client and a secure server where the channel is on the public communication
`
`paths between the client and the secure server, regardless of whether the encrypted/secure
`
`channel extends completely from the client to the secure server. In view of the Patent
`
`Owner’s assertions, it is reasonable, for purposes of this proceeding in which the broadest
`
`reasonable construction standard applies, to consider an encrypted/secure channel “be-
`
`tween [A] and [B]” to encompass an encrypted/secure channel on the public communication
`
`paths between the client and the secure server, regardless of whether that channel fully ex-
`
`tends from the client to the secure server.
`
`IV.
`
`SUMMARY OF THE ‘151 PATENT
`A.
`Brief Description
`Generally, the ‘151 patent purportedly provides a secure mechanism for communi-
`
`cating over the internet. Ex. 1001 at Col. 3, line 8. In particular, the ‘151 patent purportedly
`
`describes a domain name service system configured to perform the operations of: (1) inter-
`
`8
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`cepting a DNS request sent by a client; (2) determining whether the intercepted DNS re-
`
`quest corresponds to a secure server, (3) when the intercepted DNS request does not cor-
`
`respond to a secure server, forwarding the DNS request to a DNS function that returns an
`
`IP address of a nonsecure computer, and (4) when the intercepted DNS request corre-
`
`sponds to a secure server, automatically initiating an encrypted channel between the client
`
`and the secure server. Ex. 1001 at Col. 37, lines 25-38.
`
`The ‘151 patent includes 16 claims, of which claims 1, 7 and 13 are independent.
`
`Summary of the Prosecution History of the ‘151 Patent
`B.
`U.S. 7,490,151 issued on February 10, 2009 from U.S. Patent Application No.
`
`10/259,494 (“the ‘494 application”), which was filed on September 30, 2002 with 20 claims
`
`as a division of U.S. Patent Application No. 09/504,783 (“the ’783 application”). See Ex.
`
`1002, pp. 8, 79-82.
`
`No reasons for allowance are expressly stated in the ‘151 patent file history. Moreo-
`
`ver, the Patent Owner never explicitly distinguished the ultimately allowed and issued claims
`
`from the cited prior art, instead focusing its responsive arguments on claims that were later
`
`cancelled. See, e.g., Ex. 1002, pp. 359-363, 385-388, 398-399, 559-561. Ultimately the
`
`patent issued on February 10, 2009, though it is not clear whether a particular feature led to
`
`the allowance.
`
`The Effective Priority Date of the Claims of the ‘151 Patent
`C.
`The ’151 patent issued from U.S. Application No. 10/259,494, filed September 30,
`
`9
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`2002. The ’494 application is a division of U.S. Application No. 09/504,783, filed on Febru-
`
`ary 15, 2000, now U.S. Patent No. 6,502,135, which is a continuation-in-part of U.S. Appli-
`
`cation No. 09/429,653, filed on October 29, 1999, now U.S. Patent No. 7,010,604. The ’494,
`
`’783 and ’653 applications each attempt to claim priority under 35 U.S.C. 119(e) to Provi-
`
`sional Application Nos. 60/106,261, filed October 30, 1998 and 60/137,704, filed June 7,
`
`1998.
`
`Claims 1, 7 and 13 of the ’151 patent are independent claims. Claims 2-6 depend
`
`from claim 1, claims 8-12 depend from claim 7, and claims 14-16 depend from claim 13. Ac-
`
`cordingly, claims 2-6, 8-12, and 14-16 cannot enjoy an effective filing date earlier than that
`
`of claims 1, 7 and 13, respectively, from which they depend.
`
`Claims 1, 7 and 13 of the ’151 patent rely on information first presented in the ’783
`
`application. For example, claim 1 of the ’151 patent specifies “determining whether the in-
`
`tercepted DNS request corresponds to a secure server” and subsequent steps involving
`
`the DNS request. Similarly, claims 7 and 13 include limitations involving DNS requests
`
`(e.g., “intercepting a DNS request sent by a client . . .” and “determining whether the inter-
`
`cepted DNS request corresponds to a secure server . . .”, respectively). The first application
`
`that recites the term “DNS” is the ’783 application. Because none of the ’653, ’261 or ’704
`
`applications disclose or even suggest use in any manner of DNS requests or proxy servers,
`
`these earlier filed applications do not describe or enable the subject matter defined by at
`
`least claims 1, 7 and 13 of the ’151 patent. Accordingly, the effective filing date of claims 1-
`
`10
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`16 of the ’151 patent is no earlier than February 15, 2000.
`
`V.
`
`MANNER OF APPLYING CITED PRIOR ART TO EVERY CLAIM FOR
`WHICH AN IPR IS REQUESTED, THUS ESTABLISHING A REASONABLE
`LIKELIHOOD THAT AT LEAST ONE CLAIM OF THE ‘151 PATENT IS UN-
`PATENTABLE
`A.
`[GROUND 1] – Kiuchi Anticipates Claims 1, 2, 6-8, and 12-14
`Kiuchi is a printed publication that was presented at the 1996 Symposium on Net-
`
`work and Distributed Systems Security (SNDSS) on February 22 & 23, 1996, and published
`
`by IEEE in the Proceedings of SNDSS 1996. Ex. 1018. Kiuchi is therefore prior art to the
`
`‘151 patent at least under § 102(b), regardless of which effective filing date in the priority
`
`chain is applied to the claims.
`
`Overview of Kiuchi
`
`Kiuchi describes a system and a protocol called “C-HTTP” that “provides se-
`
`cure HTTP communication mechanisms within a closed group of institutions on the
`
`Internet, where each member is protected by its own firewall.” Ex. 1018, p. 64, ab-
`
`stract. Kiuchi describes that C-HTTP can be used to create “a closed HTTP-based
`
`virtual network . . . for closed groups; for example, the headquarters and branches of
`
`a given corporation.” Ex. 1018, p. 69, § 5. The following Diagram 1 illustrates rele-
`
`vant parts within the C-HTTP system described by Kiuchi, and will be used to de-
`
`scribe the C-HTTP system. See Ex. 1003, ¶ 56.
`
`
`
`11
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`(Diagram 1)
`
`
`
`Leveraging these parts, Kiuchi describes a process by which a client-side
`
`proxy establishes a secure connection with a server-side proxy using the C-HTTP
`
`protocol over the Internet (i.e., a C-HTTP connection), thus establishing a closed vir-
`
`tual network including a user agent and one or more origin servers. See Ex. 1018, p.
`
`64, § 2.1; p. 69, § 5; see also Ex. 1003, ¶ 57. Through the C-HTTP connection, a
`
`user agent associated with the client-side proxy may request information stored on
`
`one or more origin servers associated with the server-side proxy. See id. In order to
`
`establish a C-HTTP connection, Kiuchi teaches discrete steps that will be described
`
`using the following block diagram. See Ex. 1018, pp. 65-66, § 2.3; see also, Diagram
`
`2, where each step is numbered to indicate a temporal sequence of the steps taught
`
`by Kiuchi (Ex. 1003, ¶ 58).
`
`12
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`(Diagram 2)
`
`
`
`To enable initiation of this set of steps, the user agent displays HTML docu-
`
`ments to an end-user. See Ex. 1018, p. 65, § 2.3. Through interaction with the user
`
`agent, the end user selects a hyperlink URL included within an HTML document.
`
`See id. Kiuchi provides an example of the selected URL:
`
`“http://server.in.current.connection/sample.html=@=6zdDfldfcZLj8V!i”, where “serv-
`
`er.in.current.connection” is the hostname, “sample.html” is the name of the resource
`
`being requested, and “6zdDfldfcZLj8V!i” is a connection ID. See Ex. 1018, p. 65, §
`
`2.3; Ex. 1003, ¶ 59.
`
`Thereafter, as illustrated by Diagram 3, initial steps are performed by Kiuchi’s
`
`system in response to user selection of the hyperlink. These steps include: (1) a re-
`
`quest being sent from the user agent to the client-side proxy for the selected URL; (2)
`
`a request being sent from the client-side proxy to the C-HTTP name server for an IP
`
`address corresponding to the hostname included in the selected URL; and (3) a re-
`
`sponse being returned from the C-HTTP name server that either includes the IP ad-
`
`13
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`dress associated with the server-side proxy or an error message. Ex. 1003, ¶ 63. If
`
`the C-HTTP name server returns an error message (i.e., if the hostname does not
`
`correspond to a secure server in the closed network, or the connection is not permit-
`
`ted), then the client-side proxy performs a DNS lookup using the standard/public
`
`DNS, as illustrated by the dashed line. See Ex. 1018, p. 65, § 2.3; see also Ex.
`
`1003, ¶ 63.
`
`(Diagram 3)
`
`
`
`Analyzing these steps in further detail, when the end user selects the hyperlink
`
`in the displayed HTML document, the user agent sends a request for the URL to the
`
`client-side proxy, as illustrated by (1) in Diagram 3. See Ex. 1018, p. 65, § 2.3.
`
`When the client-side proxy receives the URL (including the hostname) from the user
`
`agent, it determines whether the connection ID included in the URL matches the IDs
`
`of any current connections being maintained by the client-side proxy. See id. If the
`
`connection ID is not found in the current connection table in the client-side proxy, the
`
`client-side proxy attempts to establish a new connection with the host corresponding
`
`14
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`
`to the hostname included in the URL. See id.
`
`To establish a new connection with the corresponding host, as illustrated by
`
`(2) in Diagram 3, the client-side proxy sends a request to ask the C-HTTP name
`
`server whether the client-side proxy can communicate with the host associated with
`
`the hostname and, if so, to resolve the hostname included in the URL such that the
`
`corresponding IP address is returned by the C-HTTP name server to the client-side
`
`proxy. See Ex. 1018, p. 65, § 2.3(2). In some instances, the hostname corresponds
`
`to an origin server behind a server-side proxy and is associated with an IP address
`
`for the server-side proxy. See Ex. 1018, p. 65, § 2.3; see also Ex. 1003, ¶¶ 59-61.
`
`In other instances, the hostname corresponds to a server on the Internet outside the
`
`C-HTTP network. Ex. 1018, p. 65, § 2.3; Ex. 1003, ¶ 61.
`
`Upon receipt of the request, the C-HTTP name server first authenticates the
`
`client-side proxy (and, by association, the user agent) to determine if the request is
`
`legitimate. See Ex. 1018, p. 65, § 2.3; see also Ex. 1003, ¶ 62. When the request is
`
`legitimate, the C-HTTP name server determines whether a “server-side proxy [asso-
`
`ciated with the hostname] is registered in the closed network.” See id. As illustrated
`
`by (3) in Diagram 3, if a server-side proxy associated with the hostname is not regis-
`
`tered in the closed network, or the connection is not permitted, then the C-HTTP
`
`name server returns an error message, in response to which the client-side proxy
`
`performs a look-up with a standard/public DNS server, behaving like an ordinary
`
`15
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`HTTP proxy. See id. The standard/public DNS server then returns an IP address of
`
`the host corresponding to the hostname, which the client-side proxy uses to connect
`
`to the host on behalf of the user agent. See id.
`
`On the other hand, if the server-side proxy is registered in the closed network
`
`and is permitted to accept a connection from the client-side proxy, then the C-HTTP
`
`name server sends a response to the client-side proxy’s request that includes “the IP
`
`address and public key of the server-side proxy and both request and response
`
`Nonce values,” as illustrated by (3) in Diagram 3. See Ex. 1018, p. 65, § 2.3; Ex.
`
`1003, ¶¶ 62-63. Notably, the C-HTTP name server never provides the IP address of
`
`the origin server to the client-side proxy. Ex. 1018 at 65, § 2.2; Ex. 1003, ¶ 64. Ra-
`
`ther, when the C-HTTP name server returns the IP address of the server-side proxy
`
`along with the server-side proxy’s public key and the nonce values, the client-side
`
`proxy attempts to establish a C-HTTP connection with the server-side proxy using
`
`the IP address received from the C-HTTP name server. See Ex. 1018, p. 65, § 2.3;
`
`Ex. 1003, ¶ 64. The steps for doing so are illustrated in Diagram 4. See Ex. 1003, ¶
`
`64.
`
`In particular, Kiuchi describes that the client-side proxy, in response to receiv-
`
`ing the IP address of the server-side proxy and other information from the C-HTTP
`
`name server, sends a “[r]equest for connection to the server-side proxy” (4), the
`
`server-side proxy performs a “[l]ookup of client-side proxy information” with the C-
`
`16
`
`

`

`Attorney Docket No. 38868-0006IP1
`IPR of U.S. Patent No. 7,490,151
`HTTP name server (5 and 6), and the server-side proxy sends confirmation of the
`
`connection to the client-side proxy (7), if the server-side proxy is able to properly au-
`
`thenticate the client-side proxy. See Ex. 1018, pp. 65-66, § 2.3, steps 3-5; Ex. 1003,
`
`¶ 66.
`
`
`
`(Diagram 4)
`
`
`
`Considering these steps in further detail, the client-side proxy,