`By:
`
`Joseph E. Palys
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1996
`Facsimile: (202) 551-0496
`E-mail: josephpalys@paulhastings.com
`
`
`
`Paper No. ____
`Filed: June 29, 2016
`
`Naveen Modi
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1990
`Facsimile: (202) 551-0490
`E-mail: naveenmodi@paulhastings.com
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`
`
`
`
`
`
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`
`
`
`
`
`
`
`
`
`
`THE MANGROVE PARTNERS MASTER FUND, LTD., APPLE INC., and
`BLACK SWAMP IP, LLC,
`Petitioner
`
`v.
`
`VIRNETX INC.,
`Patent Owner
`
`
`
`
`
`
`
`
`Case IPR2015-010471
`Patent 7,490,151
`
`
`
`
`
`
`
`
`PATENT OWNER’S DEMONSTRATIVE EXHIBITS
`
`
`1 Apple Inc. and Black Swamp IP, LLC, who filed petitions in IPR2016-00063 and
`IPR2016-00167, respectively, have been joined as a Petitioner in the instant
`proceeding.
`
`
`
`Inter Partes Review of
`U.S. Patent No. 6,502,135
`U.S. Patent No. 7,490,151
`
`Case Nos. IPR2015-01046, -01047
`
`Oral Hearing: June 30, 2016
`
`
`
`Instituted Grounds
`• IPR2015-01046 (U.S. Patent No. 6,502,135)
`– Claims 1, 3, 4, 7, 8, 10, and 12 as anticipated by
`Kiuchi
`– Claim 8 as obvious over Kiuchi and RFC 1034
`
`
`• IPR2015-01047 (U.S. Patent No. 7,490,151)
`– Claims 1, 2, 6-8, 12-14 as anticipated by Kiuchi
`– Claims 1, 2, 6-8, 12-14 as obvious over Kiuchi
`and Rescorla and/or RFC 1034
`
`IPR2015-01046, Paper No. 11 at 12; IPR2015-01047, Paper No. 11 at 12, Paper No. 24 at 1-2
`
`2
`2
`
`
`
`Overview of Kiuchi
`
`Overview of Kiuchi
`
`3
`
`
`
`Kiuchi’s C-HTTP Communication Process
`
`IPR2015-01046, Ex. 2043 at ¶ 36; Ex. 1002 at 7; Paper No. 44 at 19
`
`4 4
`
`
`
`Kiuchi’s C-HTTP Communication Process
`
`IPR2015-01046, Ex. 2043 at ¶¶ 38-39; Paper No. 44 at 19
`
`5 5
`
`
`
`Kiuchi’s C-HTTP Communication Process
`
`IPR2015-01046, Ex. 2043 at ¶ 40; Paper No. 44 at 19
`
`6 6
`
`
`
`Kiuchi’s C-HTTP Communication Process
`
`IPR2015-01046, Ex. 2043 at ¶ 41; Paper No. 44 at 19
`
`7 7
`
`
`
`Kiuchi’s C-HTTP Communication Process
`
`IPR2015-01046, Ex. 2043 at ¶ 42; Paper No. 44 at 19
`
`8 8
`
`
`
`IPR2015-01046
`U.S. Patent No. 6,502,135
`
`9
`
`
`
`Claim 1 of the ’135 Patent
`1. A method of transparently creating a virtual private network (VPN)
`between a client computer and a target computer, comprising the steps
`of:
`
`
`(1) generating from the client computer a Domain Name Service
`(DNS) request that requests an IP address corresponding to a
`domain name associated with the target computer;
`
`
`(2) determining whether the DNS request transmitted in step (1) is
`requesting access to a secure web site; and
`
`
`(3) in response to determining that the DNS request in step (2) is
`requesting access to a secure target web site, automatically
`initiating the VPN between the client computer and the target
`computer.
`
`IPR2015-01046, Ex. 1001, claim 1
`
`10 10
`
`
`
`Claim 1 of the ’135 Patent
`1. A method of transparently creating a virtual private network (VPN)
`between a client computer and a target computer, comprising the steps
`of:
`
`
`(1) generating from the client computer a Domain Name Service
`(DNS) request that requests an IP address corresponding to a
`domain name associated with the target computer;
`
`
`(2) determining whether the DNS request transmitted in step (1) is
`requesting access to a secure web site; and
`
`
`(3) in response to determining that the DNS request in step (2) is
`requesting access to a secure target web site, automatically
`initiating the VPN between the client computer and the target
`computer.
`
`IPR2015-01046, Ex. 1001, claim 1
`
`11 11
`
`
`
`The Recited DNS Features
`
`IPR2015-01046, Ex. 1002 at 7; Paper No. 44 at 20
`
`12 12
`
`
`
`The Recited DNS Features
`Petitioners’ Expert, Dr. Guerin:
`
`IPR2015-01046, Ex. 2047 at 22:22-23:5; Paper No. 44 at 21
`
`13 13
`
`
`
`The Recited DNS Features
`Petitioners’ Expert, Dr. Guerin:
`
`IPR2015-01046, Ex. 2047 at 23:6-16; Paper No. 44 at 21
`
`14 14
`
`
`
`Claim 1 of the ’135 Patent
`1. A method of transparently creating a virtual private network (VPN)
`between a client computer and a target computer, comprising the steps
`of:
`
`
`(1) generating from the client computer a Domain Name Service
`(DNS) request that requests an IP address corresponding to a
`domain name associated with the target computer;
`
`
`(2) determining whether the DNS request transmitted in step (1) is
`requesting access to a secure web site; and
`
`
`(3) in response to determining that the DNS request in step (2) is
`requesting access to a secure target web site, automatically
`initiating the VPN between the client computer and the target
`computer.
`
`IPR2015-01046, Ex. 1001, claim 1
`
`15 15
`
`
`
`“Requests an IP Address Corresponding to a . . .”
`Patent Owner’s Expert, Dr. Monrose:
`
`IPR2015-01046, Ex. 2043 at ¶ 47; Paper No. 44 at 23
`
`16 16
`
`
`
`“Requests an IP Address Corresponding to a . . .”
`Petitioners’ Expert, Dr. Guerin:
`
`IPR2015-01046, Ex. 2047 at 95:9-14; Paper No. 44 at 23; IPR2015-01047, Ex. 1003 at ¶ 20
`
`17 17
`
`
`
`“Requests an IP Address Corresponding to a . . .”
`Petitioners’ Expert, Dr. Guerin:
`
`IPR2015-01046, Ex. 2047 at 25:5-13; Paper No. 44 at 23
`
`18 18
`
`
`
`“Requests an IP Address Corresponding to a . . .”
`Apple’s expert in district court:
`
`IPR2015-01046, Ex. 2048 at 42:3-6; Paper No. 44 at 23
`
`19 19
`
`
`
`Claim 1 of the ’135 Patent
`1. A method of transparently creating a virtual private network (VPN)
`between a client computer and a target computer, comprising the steps
`of:
`
`
`(1) generating from the client computer a Domain Name Service
`(DNS) request that requests an IP address corresponding to a
`domain name associated with the target computer;
`
`
`(2) determining whether the DNS request transmitted in step (1) is
`requesting access to a secure web site; and
`
`
`(3) in response to determining that the DNS request in step (2) is
`requesting access to a secure target web site, automatically
`initiating the VPN between the client computer and the target
`computer.
`
`IPR2015-01046, Ex. 1001, claim 1
`
`20 20
`
`
`
`“Client Computer”
`Apple’s expert in district court:
`
`IPR2015-01046, Ex. 2048 at 37:9-18; Paper No. 44 at 25
`
`21 21
`
`
`
`“Client Computer”
`Apple’s expert in district court:
`
`IPR2015-01046, Ex. 2048 at 43:10-13, 53:18-23; Paper No. 44 at 25
`
`22 22
`
`
`
`“Client Computer”
`Patent Owner’s Expert, Dr. Monrose:
`
`IPR2015-01046, Ex. 2043 at ¶ 51; Paper No. 44 at 26
`
`23 23
`
`
`
`“Client Computer”
`Federal Circuit on the “client-side proxy” of Kiuchi:
`
`
`
`
`
`24 24
`
`VirnetX Inc. v. Cisco Systems, Inc., 767 F.3d 1308, 1324 (Fed. Cir.
`2014).
`
`
`
`IPR2015-01046, Paper No. 44 at 26, 27
`
`
`
`“Target Computer”
`Patent Owner’s Response:
`
`
`
`
`
`IPR2015-01046, Paper No. 44 at 28
`
`25 25
`
`
`
`“Target Computer”
`Petitioners’ Expert, Dr. Guerin:
`
`
`
`Apple’s expert in district court:
`
`
`
`IPR2015-01046, Ex. 2047 at 100:8-11; Ex. 2048 at 38:11-17; Paper No. 44 at 28
`
`26 26
`
`
`
`Claim 1 of the ’135 Patent
`1. A method of transparently creating a virtual private network (VPN)
`between a client computer and a target computer, comprising the steps
`of:
`
`
`(1) generating from the client computer a Domain Name Service
`(DNS) request that requests an IP address corresponding to a
`domain name associated with the target computer;
`
`
`(2) determining whether the DNS request transmitted in step (1) is
`requesting access to a secure web site; and
`
`
`(3) in response to determining that the DNS request in step (2) is
`requesting access to a secure target web site, automatically
`initiating the VPN between the client computer and the target
`computer.
`
`IPR2015-01046, Ex. 1001, claim 1
`
`27 27
`
`
`
`“VPN”
`Patent Owner’s Expert, Dr. Monrose:
`
`IPR2015-01046, Ex. 2043 at ¶ 57; Paper No. 44 at 29-30
`
`28 28
`
`
`
`“VPN”
`Patent Owner’s Expert, Dr. Monrose:
`
`IPR2015-01046, Ex. 2043 at ¶ 58; Paper No. 44 at 31
`
`29 29
`
`
`
`“VPN”
`
`Federal Circuit:
`
`
`
`VirnetX, 767 F.3d at 1324.
`
`IPR2015-01046, Paper No. 44 at 31-32
`
`30 30
`
`
`
`Claim 7 of the ’135 Patent
`
`7. The method of claim 1, wherein step (3) comprises the step of using
`a gatekeeper computer that allocates VPN resources for communicating
`between the client computer and the target computer.
`
`IPR2015-01046, Ex. 1001, claim 7
`
`31 31
`
`
`
`Claim 7 of the ’135 Patent
`
`Petition:
`
`
`
`Institution Decision:
`
`IPR2015-01046, Paper No. 5 at 32; Paper No. 11 at 6
`
`32 32
`
`
`
`Claim 7 of the ’135 Patent
`Petitioners’ Reply:
`
`
`
`IPR2015-01046, Paper No. 50 at 18-19
`
`33 33
`
`
`
`Claim 7 of the ’135 Patent
`Petitioners’ Reply (’135 Patent):
`
`
`
`IPR2015-01046, Ex. 1001 at 38:53-65, 47:33-35; Paper No. 50 at 18-19
`
`34 34
`
`
`
`Claim 7 of the ’135 Patent
`Patent Owner’s Response:
`
`
`
`IPR2015-01046, Paper No. 44 at 37
`
`35 35
`
`
`
`Claim 10 of the ’135 Patent
`10. A system that transparently creates a virtual private network (VPN)
`between a client computer and a secure target computer, comprising:
`
`
`a DNS proxy server that receives a request from the client computer
`to look up an IP address for a domain name, wherein the DNS proxy
`server returns the IP address for the requested domain name if it is
`determined that access to a non-secure web site has been
`requested, and wherein the DNS proxy server generates a request to
`create the VPN between the client computer and the secure target
`computer if it is determined that access to a secure web site has
`been requested; and
`
`
`
`a gatekeeper computer that allocates resources for the VPN between
`the client computer and the secure web computer in response to the
`request by the DNS proxy server.
`
`IPR2015-01046, Ex. 1001, claim 10
`
`36 36
`
`
`
`Claim 10 of the ’135 Patent
`10. A system that transparently creates a virtual private network (VPN)
`between a client computer and a secure target computer, comprising:
`
`
`a DNS proxy server that receives a request from the client computer
`to look up an IP address for a domain name, wherein the DNS proxy
`server returns the IP address for the requested domain name if it is
`determined that access to a non-secure web site has been
`requested, and wherein the DNS proxy server generates a request to
`create the VPN between the client computer and the secure target
`computer if it is determined that access to a secure web site has
`been requested; and
`
`
`
`a gatekeeper computer that allocates resources for the VPN between
`the client computer and the secure web computer in response to the
`request by the DNS proxy server.
`
`IPR2015-01046, Ex. 1001, claim 10
`
`37 37
`
`
`
`The Recited DNS Features
`Patent Owner’s Response:
`
`
`
`Patent Owner’s Expert, Dr. Monrose:
`
`
`IPR2015-01046, Paper No. 44 at 32; Ex. 2043 at ¶ 59
`
`38 38
`
`
`
`Claim 10 of the ’135 Patent
`10. A system that transparently creates a virtual private network (VPN)
`between a client computer and a secure target computer, comprising:
`
`
`a DNS proxy server that receives a request from the client computer
`to look up an IP address for a domain name, wherein the DNS proxy
`server returns the IP address for the requested domain name if it is
`determined that access to a non-secure web site has been
`requested, and wherein the DNS proxy server generates a request to
`create the VPN between the client computer and the secure target
`computer if it is determined that access to a secure web site has
`been requested; and
`
`
`
`a gatekeeper computer that allocates resources for the VPN between
`the client computer and the secure web computer in response to the
`request by the DNS proxy server.
`
`IPR2015-01046, Ex. 1001, claim 10
`
`39 39
`
`
`
`“DNS Proxy Server Generates a Request to Create the VPN
`
`Patent Owner’s Expert, Dr. Monrose:
`
`
`IPR2015-01046, Ex. 2043 at ¶ 60; Paper No. 44 at 33
`
`40 40
`
`
`
`“DNS Proxy Server Generates a Request to Create the VPN
`
`Patent Owner’s Expert, Dr. Monrose:
`
`
`IPR2015-01046, Ex. 2043 at ¶ 61; Paper No. 44 at 33
`
`41 41
`
`
`
`Claim 10 of the ’135 Patent
`10. A system that transparently creates a virtual private network (VPN)
`between a client computer and a secure target computer, comprising:
`
`
`a DNS proxy server that receives a request from the client computer
`to look up an IP address for a domain name, wherein the DNS proxy
`server returns the IP address for the requested domain name if it is
`determined that access to a non-secure web site has been
`requested, and wherein the DNS proxy server generates a request to
`create the VPN between the client computer and the secure target
`computer if it is determined that access to a secure web site has
`been requested; and
`
`
`
`a gatekeeper computer that allocates resources for the VPN between
`the client computer and the secure web computer in response to the
`request by the DNS proxy server.
`
`IPR2015-01046, Ex. 1001, claim 10
`
`42 42
`
`
`
`Claim 10 of the ’135 Patent
`
`Petition:
`
`
`
`Patent Owner’s Response
`
`IPR2015-01046, Paper No. 5 at 34; Paper No. 44 at 34
`
`43 43
`
`
`
`IPR2015-01047
`U.S. Patent No. 7,490,151
`
`44
`
`
`
`Claim 1 of the ’151 Patent
`1. A data processing device, comprising memory storing a domain name
`server (DNS) proxy module that intercepts DNS requests sent by a client
`and, for each intercepted DNS request, performs the steps of:
`
`(i) determining whether the intercepted DNS request corresponds to
`a secure server;
`
`
`
`
`
`(ii) when the intercepted DNS request does not correspond to a
`secure server, forwarding the DNS request to a DNS function that
`returns an IP address of a nonsecure computer, and
`
`(iii) when the intercepted DNS request corresponds to a secure
`server, automatically initiating an encrypted channel between the
`client and the secure server.
`
`IPR2015-01047, Ex. 1001, claim 1
`
`45 45
`
`
`
`IPR2015 —O1047
`
`IPR2015-01047
`Kiuchi
`
`Kiuchi
`
`46
`
`46
`
`
`
`The Recited DNS Features
`1. A data processing device, comprising memory storing a domain name
`server (DNS) proxy module that intercepts DNS requests sent by a client
`and, for each intercepted DNS request, performs the steps of:
`
`(i) determining whether the intercepted DNS request corresponds to
`a secure server;
`
`
`
`
`
`(ii) when the intercepted DNS request does not correspond to a
`secure server, forwarding the DNS request to a DNS function that
`returns an IP address of a nonsecure computer, and
`
`(iii) when the intercepted DNS request corresponds to a secure
`server, automatically initiating an encrypted channel between the
`client and the secure server.
`
`IPR2015-01047, Ex. 1001, claim 1
`
`47 47
`
`
`
`The Recited DNS Features
`Patent Owner’s Response:
`
`
`IPR2015-01047, Paper No. 48 at 13-14
`
`48 48
`
`
`
`The Recited DNS Features
`
`IPR2015-01047, Ex. 1002 at 7; Paper No. 48 at 14
`
`49 49
`
`
`
`Claim 1 of the ’151 Patent
`1. A data processing device, comprising memory storing a domain name
`server (DNS) proxy module that intercepts DNS requests sent by a client
`and, for each intercepted DNS request, performs the steps of:
`
`(i) determining whether the intercepted DNS request corresponds to
`a secure server;
`
`
`
`
`
`(ii) when the intercepted DNS request does not correspond to a
`secure server, forwarding the DNS request to a DNS function that
`returns an IP address of a nonsecure computer, and
`
`(iii) when the intercepted DNS request corresponds to a secure
`server, automatically initiating an encrypted channel between the
`client and the secure server.
`
`IPR2015-01047, Ex. 1001, claim 1
`
`50 50
`
`
`
`“Determining . . .”
`
`Petition:
`
`
`IPR2015-01047, Paper No. 2 at 25, 28-29
`
`51 51
`
`
`
`Claim 1 of the ’151 Patent
`1. A data processing device, comprising memory storing a domain name
`server (DNS) proxy module that intercepts DNS requests sent by a client
`and, for each intercepted DNS request, performs the steps of:
`
`(i) determining whether the intercepted DNS request corresponds to
`a secure server;
`
`
`
`
`
`(ii) when the intercepted DNS request does not correspond to a
`secure server, forwarding the DNS request to a DNS function that
`returns an IP address of a nonsecure computer, and
`
`(iii) when the intercepted DNS request corresponds to a secure
`server, automatically initiating an encrypted channel between the
`client and the secure server.
`
`IPR2015-01047, Ex. 1001, claim 1
`
`52 52
`
`
`
`“Automatically Initiating an Encrypted Channel . . .”
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 17-18
`
`53 53
`
`
`
`“Automatically Initiating an Encrypted Channel . . .”
`Petitioners’ Expert, Dr. Guerin:
`
`IPR2015-01047, Ex. 2039 at 21:3-7; Paper No. 48 at 18
`
`54 54
`
`
`
`“Automatically Initiating an Encrypted Channel . . .”
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 19
`
`55 55
`
`
`
`“Automatically Initiating an Encrypted Channel . . .”
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 20
`
`56 56
`
`
`
`Claim 1 of the ’151 Patent
`1. A data processing device, comprising memory storing a domain name
`server (DNS) proxy module that intercepts DNS requests sent by a client
`and, for each intercepted DNS request, performs the steps of:
`
`(i) determining whether the intercepted DNS request corresponds to
`a secure server;
`
`
`
`
`
`(ii) when the intercepted DNS request does not correspond to a
`secure server, forwarding the DNS request to a DNS function that
`returns an IP address of a nonsecure computer, and
`
`(iii) when the intercepted DNS request corresponds to a secure
`server, automatically initiating an encrypted channel between the
`client and the secure server.
`
`IPR2015-01047, Ex. 1001, claim 1
`
`57 57
`
`
`
`“For Each Intercepted Request”
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 24
`
`58 58
`
`
`
`IPR2015-01047
`Kiuchi and Rescorla
`and/or RFC 1034
`
`59
`
`
`
`Rescorla and/or RFC 1034
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 28
`
`60 60
`
`
`
`Rescorla and/or RFC 1034
`Patent Owner’s Response:
`
`IPR2015-01047, Paper No. 48 at 28
`
`61 61
`
`
`
`Real Party-in-Interest Issues
`
`62
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Paper No. 9 at 3, Paper No. 44 at 46-52
`
`63 63
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2001 at 3; Paper No. 44 at 47
`
`64 64
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2001 at 3-4; Paper No. 44 at 47
`
`65 65
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2001 at 15; Paper No. 44 at 49
`
`66 66
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2001 at 17; Paper No. 44 at 47
`
`67 67
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2002 at 2; Paper No. 44 at 48
`
`68 68
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Paper No. 2 at 2; Paper No. 44 at 48
`
`69 69
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2061 at 24; Paper No. 44 at 55
`
`70 70
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2061 at 18; Paper No. 44 at 55
`
`71 71
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2061 at 14; Paper No. 44 at 55
`
`72 72
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2057 at 14; Paper No. 44 at 52
`
`73 73
`
`
`
`Real Party-in-Interest Issues
`
`Paper No. 44 at 52-53
`
`74 74
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2053; Paper No. 44 at 54
`
`75 75
`
`
`
`Real Party-in-Interest Issues
`
`IPR2015-01046, Ex. 2055; Paper No. 44 at 54
`
`76 76
`
`
`
`77 77
`
`
`
`CERTIFICATE OF SERVICE
`
`Case IPR2015-01047
`
`
`I hereby certify that on this 29th day of June 2016, a copy of the foregoing
`
`Patent Owner’s Demonstrative Exhibits was served by electronic mail upon the
`
`following:
`
`Abraham Kasdan (akasdan@wiggin.com)
`Wiggin and Dana LLP
`450 Lexington Avenue
`New York, NY 10017
`IP@wiggin.com
`
`James T. Bailey (jtb@jtbaileylaw.com)
`504 W. 136th St. #1B
`New York, NY 10031
`
`Jeffrey P. Kushan
`Scott Border
`Thomas A. Broughan III
`Sidley Austin LLP
`1501 K Street NW
`Washington, DC 20005
`iprnotices@sidley.com
`
`Thomas H. Martin
`Wesley C. Meinerding
`Martin & Ferraro, LLP
`1557 Lake O’Pines Street, NE
`Hartville, Ohio 44632
`tmartin@martinferraro.com
`docketing@martinferraro.com
`
`
`
`Respectfully submitted,
`
` /Joseph E. Palys/
`Joseph E. Palys
`Counsel for VirnetX Inc.
`
`
`
`
`
`Dated: June 29, 2016