VirnetX Inc.Download PDFPatent Trials and Appeals BoardJul 14, 2020IPR2015-01047 (P.T.A.B. Jul. 14, 2020) Copy Citation Trials@uspto.gov Paper 122 571-272-7822 Entered: July 14, 2020 UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ THE MANGROVE PARTNERS MASTER FUND, LTD., APPLE INC., and BLACK SWAMP IP, LLC, Petitioner, v. VIRNETX INC., Patent Owner. ____________ IPR2015-010471 Patent 7,490,151 B2 ____________ Before MICHAEL P. TIERNEY, Vice Chief Administrative Patent Judge, KARL D. EASTHOM, JASON W. MELVIN, Administrative Patent Judges. MELVIN, Administrative Patent Judge. JUDGMENT Final Written Decision on Remand Determining All Challenged Claims Unpatentable 35 U.S.C. §§ 144, 318 1 Apple Inc. and Black Swamp IP, LLC, which filed petitions in IPR2016- 00063 and IPR2016-00167, respectively, have been joined as Petitioners in this proceeding. IPR2015-01047 Patent 7,490,151 B2 2 I. INTRODUCTION A. BACKGROUND AND SUMMARY The Mangrove Partners Master Fund, Ltd., Apple Inc., and Black Swamp IP, LLC (collectively, “Petitioner”) requested inter partes review of claims 1, 2, 6–8, and 12–14 (the “challenged claims”) of U.S. Patent No. 7,490,151 B2 (“the ’151 patent”). Paper 2 (“Pet.”).2 We issued a Decision instituting inter partes review. Paper 11 (“Inst. Dec.”). After institution, VirnetX Inc. (“Patent Owner”) filed a Patent Owner’s Response (Paper 54 (redacted version), “PO Resp.”; Paper 48 (non- redacted version)), to which Petitioner replied (Paper 58 (redacted version); Paper 56 (non-redacted version), “Pet. Reply”; and Paper 59, “Pet. Separate Reply”). Oral argument was conducted on June 30, 2016. Transcripts of that argument have been made of record. Paper 79 (“Original Tr.”); see also Paper 78. Our Final Written Decision was issued September 9, 2016. Paper 80 (“Original Decision”). On appeal, the Federal Circuit vacated our Original Decision and remanded the case for further proceedings. VirnetX Inc. v. Mangrove Partners Master Fund, Ltd., 778 F. App’x 897 (Fed. Cir. 2019). After conferring with the parties, we permitted Patent Owner to file a Motion for Additional Discovery (Paper 90), to which Petitioner filed an Opposition (Paper 91) and Patent Owner filed a Reply (Paper 96). We granted in part Patent Owner’s Motion. Paper 97. Patent Owner requested rehearing of our decision on its Motion for Additional Discovery (Paper 101), to which Petitioner opposed (Paper 102) and Patent Owner replied (Paper 103). 2 We consider the Petition filed by The Mangrove Partners Master Fund, Ltd., not the similar petitions filed by the joined parties. IPR2015-01047 Patent 7,490,151 B2 3 We permitted the parties to brief the issues for consideration on remand from the Federal Circuit. Petitioner filed a principal brief (Paper 104, “Pet. Remand Br.”), Patent Owner filed an opposition (Paper 105, “PO Remand Br.”), Petitioner filed a reply (Paper 106, “Pet. Remand Reply”), and Patent Owner filed a sur-reply (Paper 107, “PO Remand Sur-Reply”). Oral argument was conducted on January 24, 2020, and a transcript appears in the record. Paper 115 (“Tr.”). This is a final written decision as to the patentability of the challenged claims. For the reasons discussed below, we determine that Petitioner has shown by a preponderance of the evidence that the challenged claims are unpatentable. B. RELATED MATTERS The ’151 patent is at issue in the following civil actions: (i) Civ. Act. No. 6:13-cv-00211-LED (E.D. Tex.), filed February 26, 2013; (ii) Civ. Act. No. 6:12-cv-00855-LED (E.D. Tex.), filed November 6, 2012; and (iii) Civ. Act. No. 6:10-cv-00417-LED (E.D. Tex.), filed August 11, 2010. Pet. 1; Paper 8, 11–12. The ’151 patent is the subject of Reexamination Control Nos. 95/001,697 and 95/001,714. Pet. 1–2; Paper 8, 2–3. Petitioner additionally identifies the following: On January 21, 2020, the Federal Circuit issued its opinion in VirnetX Inc. v. Cisco Systems, Inc., No. 2019-1043 (Fed. Cir. Jan. 21, 2020), affirming, under Fed. Cir. R. 36, the Board’s decisions in Cisco Systems, Inc. v. VirnetX Inc., Control No. 95/001,746, Appeal Nos. 2015-007843, 2017-010852, 2017-010852, each involving related U.S. Patent No. 6,839,759 and, inter alia, the Kiuchi reference at issue in this proceeding. IPR2015-01047 Patent 7,490,151 B2 4 Paper 111. Additionally, Patent Owner identifies a number of PTO proceedings that involve U.S. Patent No. 6,502,135 (“the ’135 patent”). Paper 8, 4. Of particular significance here, the ’135 patent is at issue in IPR2015-01046, which has been treated as largely a companion proceeding to the present one. Patent Owner identifies multiple other proceedings involving “patents stemming from the same applications that led to the ’151 patent.” Paper 8, 3–10. C. THE ’151 PATENT The ’151 patent discloses a system and method for automatic creation of a virtual private network (VPN) in response to a domain-name server look-up function. Ex. 1001, 36:58–60. D. ILLUSTRATIVE CLAIMS Claim 1 of the ’151 patent is illustrative of the claimed subject matter and is reproduced below: 1. A data processing device, comprising memory storing a domain name server (DNS) proxy module that intercepts DNS requests sent by a client and, for each intercepted DNS request, performs the steps of: (i) determining whether the intercepted DNS request corresponds to a secure server; (ii) when the intercepted DNS request does not correspond to a secure server, forwarding the DNS request to a DNS function that returns an IP address of a nonsecure computer, and (iii) when the intercepted DNS request corresponds to a secure server, automatically initiating an encrypted channel between the client and the secure server. IPR2015-01047 Patent 7,490,151 B2 5 Ex. 1001, 46:55–67. E. PRIOR ART AND ASSERTED GROUNDS Petitioner asserts unpatentability on the following grounds: Claims Challenged 35 U.S.C. § Reference(s) 1, 2, 6–8, 12–14 102 Kiuchi3 1, 2, 6–8, 12–14 103 Kiuchi, Rescorla4 1, 2, 6–8, 12–14 103 Kiuchi, RFC 10345 1, 2, 6–8, 12–14 103 Kiuchi, RFC 1034, Rescorla Pet. 4. F. CAFC REMAND On appeal, the Federal Circuit held that our prior decision “relied on only the C-HTTP name server to perform the functions of the DNS proxy module.” VirnetX, 778 F. App’x at 906. The Court held that we had not identified substantial evidence “that the C-HTTP name server performs the functions of the claimed DNS proxy module.” Id. It further noted that we “could not have found that the client-side proxy corresponds to the claimed ‘client’ and is also a part of the DNS proxy module, as the claim makes clear that these are separate components.” Id. 3 Takahiro Kiuchi and Shigekoto Kaihara, “C-HTTP – The Development of a Secure, Closed HTTP-based Network on the Internet,” published by IEEE in the Proceedings of SNDSS 1996 (Ex. 1002). 4 E. Rescorla and A. Schiffman, “The Secure Hypertext Transfer Protocol,” Internet Draft (Feb. 1996) (Ex. 1004). 5 P. Mockapetris, Request for Comment (“RFC”) 1034, “Domain Names– Concepts and Facilities,” Nov. 1997 (Ex. 1005). IPR2015-01047 Patent 7,490,151 B2 6 Regarding how the claimed “client” mapped to Kiuchi’s disclosures, the Federal Circuit held that our prior decision had inconsistencies in various parts of its analysis. Id. at 907–08. Attempting to resolve that inconsistency, the Court held that relying exclusively on Kiuchi’s client-side proxy for the claimed “client” would require resolving a claim-construction dispute over the meaning of that term. Id. at 908. Finally, the Federal Circuit held that we should consider Petitioner’s obviousness challenges anew in light of the Court’s decision. Id. II. ANALYSIS A. CLAIM CONSTRUCTION In a Board proceeding based on a petition filed before November 13, 2018, as here, claims in an unexpired patent are interpreted according to their broadest-reasonable construction in light of the specification of the patent in which they appear. 37 C.F.R. § 42.100(b) (2018); see Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2144–46 (2016).6 The Federal Circuit held that, “[t]o the extent the Board intended to rely exclusively on Kiuchi’s client-side proxy for the claimed ‘client,’” it would be necessary to construe the meaning of “client.” VirnetX, 778 F. App’x at 907–08. The parties dispute that construction, along with the construction of “between.” 6 A recent amendment to this rule does not apply here because the Petition was filed before November 13, 2018. See Changes to the Claim Construction Standard for Interpreting Claims in Trial Proceedings Before the Patent Trial and Appeal Board, 83 Fed. Reg. 51,340 (Oct. 11, 2018) (amending 37 C.F.R. § 42.100(b), effective Nov. 13, 2018) (codified at 37 C.F.R. § 42.100(b) (2019)). IPR2015-01047 Patent 7,490,151 B2 7 1. “client” As to the proper construction of “client,” Petitioner submits that its “anticipation argument does not implicate this issue—there, the user agent is the ‘client’” Pet. Remand Br. 6. As noted below, because we find claims 13 and 14 anticipated by Kiuchi and all claims obvious over Kiuchi and Rescorla, we do not reach Petitioner’s obviousness contentions regarding RFC 1034. See infra at 28. Construing “client” in this proceeding would therefore have no impact on our judgment—it would only influence a ground we do not reach. In copending IPR2015-01046, we construe “client computer.” See IPR2015-01046, Paper 106. We note here that we would reach the same construction for “client” as “client computer” in that proceeding, as the parties treat the terms as essentially synonymous. Pet. Remand Br. 7 n.2.7 2. “between the client and the secure server” Each independent challenged claim includes a phrase requiring an element between two points—claims 1 and 7 recite “initiating an encrypted channel between the client and the secure server” and claim 13 recites “creating a secure channel between the client and the secure server.” Patent Owner submits that the district court correctly construed such phrases as “extending from [A] to [B].” PO Remand Br. 9–10 (citing Ex. 2031, 25–26). Patent Owner notes that construing this term was not required for the prior decision in this case, which considered Kiuchi’s client- side and server-side proxies as the two relevant endpoints. Id. at 10 n.4. 7 In the related proceeding, we construe “client computer” as “user’s computer.” IPR2015-01046, Paper 106. IPR2015-01047 Patent 7,490,151 B2 8 Petitioner contends that the broadest-reasonable construction applies and that we should adopt the construction Patent Owner sought before the district court, that “[s]ecurity—i.e., encryption—is only necessary for public communication paths for the security objective of the patents to be met because security can be inherently present on private portions of the path.” Pet. Remand Br. 9–10 (quoting Ex. 1009, 10). According to Petitioner, that construction must be consistent with the broadest-reasonable construction because Patent Owner offered it to the district court. Id. at 10. Petitioner does not offer any substantive basis to adopt a construction other than Patent Owner’s proposed construction. The plain and ordinary meaning of the claim language supports Patent Owner’s proposed construction, and we apply it here—between the client and the secure server means extending from the client to the secure server, not simply a piece of the way between the two. B. ANTICIPATION Petitioner illustrates its mapping of the claim language to Kiuchi’s disclosures using the following annotated version of a diagram appearing in Petitioner’s expert declaration of Dr. Guerin: IPR2015-01047 Patent 7,490,151 B2 9 Pet. Remand Br. 11 (annotating Ex. 1003 ¶ 24; Pet. 25–37). The annotated diagram is not itself evidence, but helps illustrate Petitioner’s contentions. Kiuchi discloses systems and methods for facilitating “secure HTTP communication mechanisms within a closed group of institutions on the Internet, where each member is protected by its own firewall.” Ex. 1002, 64 (Abstract). It terms its approach C-HTTP, indicating “a closed HTTP (Hypertext Transfer Protocol)-based network (C-HTTP).” Id. C-HTTP allows a conventional user agent (such as web browser software) to request a resource identified in a URL. Id. at 65 (§ 2.3). A client-side proxy intercepts all such resource requests made by a user agent. Id. (“A client-side proxy behaves as an HTTP/1.0 compatible proxy, and it should be specified as a proxy server for external (outside the firewall) access in each user agent within the firewall.”). The “client-side proxy asks IPR2015-01047 Patent 7,490,151 B2 10 the C-HTTP name server whether it can communicate with the host specified in a given URL.” Id. “If the connection is permitted, the C-HTTP name server sends the IP address and public key of the server-side proxy” to the client-side proxy. Id. If, on the other hand, connection from the client- side proxy to the appropriate server-side proxy is not permitted, the C-HTTP name server sends the client-side proxy a status code that indicates an error. Id. In that event, the client-side proxy “performs DNS lookup, behaving like an ordinary HTTP/1.0 proxy.” Id. When connection is permitted, the client-side proxy and server-side proxy negotiate details and establish an encrypted connection between them, over which the user agent’s request is passed. Id. at 66. The “server-side proxy communicates with an origin server inside the firewall” such that, “[f]rom the view of the user agent or client-side proxy, all resources appear to be located in a server-side proxy on the firewall.” Id. Petitioner asserts that Kiuchi’s user agent, acting as the claimed client, generates a request for content corresponding to a hostname in a URL. Pet. Remand Br. 10 (citing Pet. 25–28); see also id. at 6 (“Petitioners’ anticipation argument does not implicate this issue—there, the user agent is the ‘client.’”). Petitioner asserts that Kiuchi discloses “determining whether the intercepted DNS request corresponds to a secure server.” Kiuchi’s client- side proxy intercepts a user agent’s requests and uses the C-HTTP name server to determine whether requested content corresponds to an origin server reachable through a server-side proxy. Id. (citing Pet. 28–29). Thus, Petitioner asserts that the client-side proxy, working with the C-HTTP name server, acts as the claimed DNS proxy module. Id.; Pet. 25 (citing Ex. 1003 IPR2015-01047 Patent 7,490,151 B2 11 ¶¶ 18, 20–21) (“client-side proxy – working in concert with the C-HTTP name server – is a domain name server (DNS) proxy module that intercepts DNS requests sent by a user agent acting as a client”). Petitioner asserts that Kiuchi discloses “when the intercepted DNS request corresponds to a secure server, . . . automatically initiating an encrypted channel between the client and the secure server.” If the requested content corresponds to a server-side proxy and origin server, Kiuchi’s client- side proxy establishes a connection with the origin server through the server- side proxy. Pet. Remand Br. 10–12 (citing Pet. 29–32). Petitioner asserts that Kiuchi discloses “when the intercepted DNS request does not correspond to a secure server, forwarding the DNS request to a DNS function that returns an IP address of a nonsecure computer.” If the requested content does not require such a connection, the client-side proxy forwards the request to a conventional DNS server for resolution. Id. at 10– 13. Patent Owner disputes several aspects of Petitioner’s contentions. 1. Kiuchi discloses “forwarding the DNS request to a DNS function” When Kiuchi’s client-side proxy (which, together with the C-HTTP name server, maps to the claimed “DNS proxy module”) receives an error response from the C-HTTP name server (indicating the client’s request does not correspond to a secure server) it “performs DNS lookup, behaving like an ordinary HTTP/1.0 proxy.” 1002, 65 (§ 2.3). Petitioner submits that Kiuchi therefore discloses “when the intercepted DNS request does not correspond to a secure server, forwarding the DNS request to a DNS function that returns an IP address of a nonsecure computer.” Pet. 29–30 (quoting Ex. 1002, 65 (§ 2.3)). IPR2015-01047 Patent 7,490,151 B2 12 Patent Owner challenges that conclusion, arguing that “there is no disclosure of any forwarding of the DNS request to a DNS function.” PO Remand Br. 14. In that regard, Patent Owner relies on a statement by the Federal Circuit that Kiuchi’s C-HTTP name server does not, alone, meet the claim requirement. VirnetX, 778 F. App’x at 906–07. Because the Court was not addressing functionality of the combined client-side proxy and C-HTTP name server, this statement does not undermine Petitioner’s asserted combination on which we rely. Indeed, the client-side proxy alone forwards the DNS request to a DNS function when it determines (in conjunction with the C-HTTP name server) that the request does not correspond to a secure server. Patent Owner argues also that simply accessing a DNS function falls short of forwarding a received DNS request to a DNS function, making the distinction between generating a new request and forwarding a received request. PO Remand Sur-Reply Br. 11–12. In Patent Owner’s view, Kiuchi is silent on the details of the interaction and thus cannot anticipate the challenged claims. Id. We do not agree, because Kiuchi’s statement that the client-side proxy behaves “like an ordinary HTTP/1.0 proxy” to perform DNS lookup indicates that the client-side proxy passes on a request already received. Moreover, continues Patent Owner, to the extent Kiuchi addresses the issue, it explains that it uses C-HTTP name service “instead of DNS.” Id. at 12 (quoting Ex. 1002, 7 (“In a C-HTTP-based network, instead of DNS, a C- HTTP based secure, encrypted name and certification service is used.”)). We do not agree. Kiuchi’s statement that it uses its C-HTTP name service instead of DNS does not mean all aspects of Kiuchi’s system use a different IPR2015-01047 Patent 7,490,151 B2 13 format from DNS. Rather, the client-side proxy handling all “external (outside the firewall) access” for user agents within the firewall is consistent with Kiuchi’s user agents using standard DNS-formatted requests. Ex. 1002, 65 (§ 2.3); see Ex. 1003 ¶ 22 (citing Ex. 1002, 65 (§ 2.3)). Moreover, the format of Kiuchi’s C-HTTP requests is not at issue because the claim limitation relates to requests for resources outside the secure system—those for which the C-HTTP name server returns an error. See Ex. 1002, 66 (§ 2.3). In such cases, Kiuchi’s client-side proxy “performs DNS lookup, behaving like an ordinary HTTP/1.0 proxy.” Id. at 65 (§ 2.3). Kiuchi further indicates that nonsecure requests use standard DNS, as it discloses that an alternative service “is used for the C-HTTP-based network,” not for all requests. Id. at 64 (§ 2.1). We find that the claim language reads on Kiuchi’s disclosure of the client-side proxy “behaving like an ordinary HTTP/1.0 proxy” to perform a DNS lookup. As Petitioner points out, Kiuchi’s client-side proxy receives from the client (user agent) a request that contains a URL specifying a hostname. Ex. 1002, 65 (§ 2.3); Pet. 25–28; Pet. Remand Br. 10. Behaving like an ordinary proxy to perform the DNS lookup means that the client-side proxy will send the DNS request to a public DNS server. Pet. 30 (citing Ex. 1003 ¶ 23; Ex. 1002, 65 (§ 2.3)). Against the evidence supporting Kiuchi’s operation for nonsecure connections, Patent Owner has not shown that Kiuchi’s client-side proxy in any way reformats or restructures requests from the user agent. Accordingly, based on a preponderance of the evidence, we find Kiuchi discloses “when the intercepted DNS request does not correspond to IPR2015-01047 Patent 7,490,151 B2 14 a secure server, forwarding the DNS request to a DNS function,” as recited in independent claims 1, 7, and 13. 2. Kiuchi discloses “determining whether the intercepted DNS request corresponds to a secure server” Petitioner asserts that Kiuchi’s client-side proxy and C-HTTP name server, acting together, determine whether the intercepted DNS request corresponds to a secure server. Reply 8–9. That argument is consistent with the Petition’s assertion that Kiuchi’s client-side proxy makes the determination “by asking ‘the C-HTTP name server whether it can communicate with the host specified in a given URL.’” Pet. 28–29 (quoting Ex. 1002, 65 (§ 2.3); citing Ex. 1003 ¶¶ 23–24, 26). Patent Owner challenges Petitioner’s mapping, arguing that Petitioner relies on the C- HTTP name server alone and that its operation cannot be “imputed to the client-side proxy.” PO Remand Br. 14–15. Petitioner’s mapping of the claimed functionality to two devices in Kiuchi is consistent with the ’151 patent’s description. The Specification discloses that functionality may be located in a single computer or may instead by distributed among multiple computers. See Ex. 1001, 38:30–50 (“DNS proxy 2610 returns to user computer 2601 the resolved address passed to it by the gatekeeper . . . . Gatekeeper 2603 can be implemented on a separate computer (as shown in FIG 25) or as a function within modified DNS server 2602. . . . It will be appreciated that the functions of DNS proxy 2610 and DNS server 2609 can be combined into a single server for convenience. . . . [A] check [whether the user is authorized to connect to the secure host] can be made by communicating with gatekeeper 2603 . . . .”), Fig. 26. IPR2015-01047 Patent 7,490,151 B2 15 Patent Owner disputes such reliance on the specification, arguing the specification’s flexibility relates only to “a determination of whether a user has sufficient authorization,” not to “whether the intercepted request corresponds to a secure host.” PO Remand Sur-Reply 13. The Specification is not so constrained. When discussing how the DNS proxy “determines whether access to a secure site has been requested,” it discloses that the determination may be made “for example, by a domain name extension, or by reference to an internal table of such sites.” Ex. 1001, 37:60–65. The use of “for example,” along with the flexible description of various DNS proxy, DNS server, and gatekeeper functions noted above, supports that the claims are not limited to a particular arrangement of hardware. Kiuchi’s client-side proxy using information returned from the C-HTTP name server is consistent with the ’151 patent’s description. Further, in Petitioner’s mapping of the claim language to Kiuchi’s disclosures, Petitioner does not rely on the C-HTTP name server as performing any other aspect of the claims. See Pet. 25–32; Pet. Remand Br. 10–13. Thus, Petitioner does not attempt to use the C-HTTP name server as an element corresponding to multiple claim limitations. See VirnetX, 778 Fed. App’x at 906 (“The Board could not have found that the client-side proxy corresponds to the claimed ‘client’ and is also a part of the DNS proxy module, as the claim makes clear that these are separate components.”). Accordingly, based on a preponderance of the evidence, we find Kiuchi discloses its client-side proxy acting with the C-HTTP name server as the claimed DNS proxy module “determining whether the intercepted IPR2015-01047 Patent 7,490,151 B2 16 DNS request corresponds to a secure server,” as recited in independent claims 1, 7, and 13.8 3. Kiuchi discloses “a secure channel between the client and the secure server” but not “an encrypted channel . . .” Petitioner asserts that, when the user agent requests a resource on an available origin server, “the client-side proxy initiates an encrypted channel on public communication paths between the user agent and the origin server (i.e., the communication path over the Internet between the client-side proxy and the server-side proxy).” Pet. 31 (citing Ex. 1003 ¶¶ 28, 31). Petitioner does not assert, however, that Kiuchi discloses an encrypted connection between its user agent and client-side proxy. See PO Remand Br. 15–16. As Patent Owner argues, an encrypted channel between only the client-side and server-side proxies does not satisfy the requirement of claims 1 and 7 for an encrypted channel between the client and the secure server. Based on the ordinary meaning of the claimed “between” phrases in claims 1 and 7, we agree with Patent Owner that Kiuchi does not disclose encryption extending from the user agent to either the server-side proxy or the origin server. PO Remand Sur-Reply Br. 14; see supra at 8. We reach a different conclusion, however, for claim 13, which requires only a “secure” connection rather than the “encrypted” connection of claims 1 and 7. The Petition relies on Kiuchi’s disclosure of encrypting C- HTTP connections between client-side and server-side proxies. Pet. 34 (citing Ex. 1002, 64 (Abstract), 65). It is undisputed that the link between 8 The variation in claim 13’s language for this limitation does not affect our analysis. IPR2015-01047 Patent 7,490,151 B2 17 Kiuchi’s client-side proxy and server-side proxy is encrypted, and thus secure. Patent Owner disputes whether Petitioner has adequately shown that communications between the user agent and client-side proxy or communications between the server-side proxy and origin server are secure. The Petition asserts that when a server-side proxy receives a request for connection, it “verifies that the client-side proxy is a member of the closed network.” Pet. 34 (citing Ex. 1002, 65 (§§ 2.2, 2.3); Ex. 1003 ¶¶ 26– 28). Further, the Petition points out that Kiuchi permits secure communication “within a closed group of institutions on the Internet, where each member is protected by its own firewall.” Id. at 17 (citing Ex. 1002, 64 (Abstract)); accord Tr. 6:9–11; see also Pet. 25 (showing Kiuchi’s “C-HTTP connection ‘provides [a] secure HTTP communication mechanisms’ in which communications over the C-HTTP connection are encrypted.” (quoting Ex. 1002, 64–66)). Beyond Kiuchi’s disclosures, Petitioner relies on the Federal Circuit’s recognition in an earlier case that Patent Owner’s “expert testified that one of ordinary skill would understand that the path extending from the VPN server to the target computer, i.e., within the private network, would be secure and anonymous owing to protection provided by the private network.” VirnetX, Inc. v. Cisco Sys., Inc., 767 F.3d 1308, 1321 (Fed. Cir. 2014); see Pet. Remand Reply 17–18; Tr. 6:12–19. Patent Owner contests such reliance, pointing out that its expert testified the accused network was secure both because it had a firewall and because it had “been physically secured.” PO Remand Sur-Reply 14 (quoting VirnetX, 767 F.3d at 1321). IPR2015-01047 Patent 7,490,151 B2 18 We find that a preponderance of the evidence shows that Kiuchi discloses “a secure channel between the client and the secure server.” The Specification states that “[i]t is desired for the communications to be secure, that is, immune to eavesdropping.” Ex. 1001, 1:34–35. Based on that disclosure, we understand “secure” to be used consistently with its plain and ordinary meaning, rather than imparting some particularized meaning. Kiuchi discloses that “in-hospital networks are usually protected using a dual home gateway and packet filter (firewall) and the Internet can only be accessed through proxies on the firewalls.” Ex. 1002, 67 (§ 4.2). Further, Kiuchi discloses that it “provides secure HTTP communication mechanisms within a closed group of institutions on the Internet, where each member is protected by its own firewall.” Id. at 64 (Abstract). Patent Owner argues a firewall is insufficient to secure network communications. See PO Remand Sur-Reply 14. We do not agree. As noted above, the record does not support limiting the claim to such a strict application of “secure.” Thus, we agree Kiuchi discloses a “secure channel between the client and the secure server” because data in Kiuchi’s C-HTTP network is encrypted when sent over public segments of the network path and protected using firewalls when sent over private segments.9 Pet. Remand Reply 10. 9 Though not critical to our conclusion, the testimony of Petitioner’s declarant, Dr. Guerin, supports the conclusion that Kiuchi discloses a secure network. Ex. 1003 ¶¶ 17, 29 (“Communications between the user agent and the client-side proxy as well as those between the original server [sic] and the server-side proxy are behind the firewall of their respective site, and therefore protected. This, together with the security afforded by the encrypted C-HTTP connection over the public communication path between the client-side proxy and the server-side proxy, ensures that IPR2015-01047 Patent 7,490,151 B2 19 4. Additional claims As discussed above, Kiuchi discloses the limitations of claim 13. Patent Owner does not provide additional arguments in support of claim 14 with respect to Kiuchi’s disclosures. PO Resp. 25–26; PO Remand Br. 10– 25. We have reviewed Petitioner’s contentions and determine that, on this record, for the reasons given by Petitioner, a preponderance of the evidence shows that claim 14 is unpatentable over Kiuchi. See Pet. 35–37. 5. Summary Having considered the parties’ evidence and argument, we find that a preponderance of the evidence shows that Kiuchi discloses the limitations of claims 13 and 14. We find that a preponderance of the evidence does not show that Kiuchi discloses the limitations of claims 1 or 7, and therefore that Petitioner has not proven unpatentability of claims 1, 2, 6–8, or 12. C. OBVIOUSNESS OVER KIUCHI AND RESCORLA Rescorla is an Internet Draft, a working document of the Internet Engineering Task Force that describes “The Secure HyperText Transfer Protocol,” or S-HTTP. Ex. 1004, 1. As it describes, “Secure HTTP (S-HTTP) provides secure communication mechanisms between an HTTP client-server pair.” Id. at 5. Petitioner relies on Rescorla’s description that “[s]everal cryptographic message format standards may be incorporated into S-HTTP clients and servers” and that “S-HTTP provides full flexibility of cryptographic algorithms, modes and parameters.” Pet. 39–40 (quoting Ex. 1004 § 1.1). communications between the user agent and the origin server are over a secure channel.”) (citation omitted) (citing Ex. 1002, 64). IPR2015-01047 Patent 7,490,151 B2 20 1. Rescorla qualifies as prior art Patent Owner contests Petitioner’s assertions, arguing that Rescorla “does not qualify as a printed publication, and thus cannot be used in an obvious combination.” PO Remand Sur-Reply 15; accord PO Resp. 41–42. According to Patent Owner, “a work is not publicly accessible if the only people who know how to find it are the ones who created it.” PO Remand Sur-Reply 15–16 (quoting Samsung Elecs. Co. v. Infobridge Pte. Ltd., 929 F.3d 1363, 1372 (Fed. Cir. 2019)). In Patent Owner’s view, Petitioner has not adequately shown that the relevant group knew how to find Rescorla. Id.at 16 (“Petitioners introduced no evidence that those outside of the RFC development process would have known how to find Rescorla.”). Patent Owner asserts that Internet Drafts, while developed for “eventual publication as an RFC,” were limited to those developing the draft. Id. Petitioner presents adequate evidence of Rescorla’s public availability. Reply 19–21; see Samsung Elecs. 929 F.3d at 1374 (“Our cases have consistently held that the standard for public accessibility is whether a person of ordinary skill in the art could, after exercising reasonable diligence, access a reference.”). Resorla’s face indicates a February 1996 date. Ex. 1004, 1. It states that it is an Internet-Draft, which is a “working document[] of the Internet Engineering Task Force (IETF).” Id. Rescorla discloses that prior drafts were “distributed” and “published.” Id. As we found in an earlier order, RFC documents, on their face, show that they “are prepared and distributed, are for others to provide comments, are published on a specific date, and that the top right corner of such documents specify a date.” Paper 83, 7. IPR2015-01047 Patent 7,490,151 B2 21 Additionally, RFC 2026 supports the process used for Internet Drafts. Ex. 1010, 8.10 As RFC 2026 states, placing Internet Drafts such as Rescorla on multiple public servers “makes an evolving working document readily available to a wide audience.” Id. That wide availability is consistent with Rescorla, which notes that people at multiple institutions reviewed earlier drafts, supporting both dissemination and availability of documents throughout the process. Ex. 1004, 91. Additionally, Kiuchi refers to an earlier version of Rescorla. Ex. 1002, 70.11 Patent Owner argues that the URL Kiuchi cites is “not the same URL that’s actually on Rescorla.” Tr. 31:12–14. Even so, Kiuchi supports Rescorla’s public availability—Kiuchi’s reference to Rescorla’s predecessor draft shows it was likely people other than “the ones who created” Rescorla knew how to find it. See Samsung, 929 F.3d at 1372. The record supports that artisans reading Kiuchi were aware of Internet Drafts and had specific reason to follow Rescorla’s development. Thus, Rescorla was publicly accessible to the relevant group of skilled artisans.12 Based on the totality of evidence in the record, we have evaluated 10 We recognize that RFC 2026 was published after Rescorla. See PO Resp. 41. But given the relatively close time of the two documents, we view RFC 2026 as evidence regarding how Internet Drafts were disseminated. 11 Patent Owner argues that Petitioner raises a new argument by relying on Kiuchi to support Rescorla’s public availability. Tr. 30:26–31:2; but see Pet. 39 (“Kiuchi expressly refers to an earlier Internet-Draft published as part of the development of RFC 2660.”); Ex. 1024 (Rescorla, E. and A. Schiffman, “The Secure HyperText Transfer Protocol,” RFC 2660, August 1999.). 12 Indeed, the record shows Internet Drafts were shared among “the Internet community for the standardization of protocols and procedures,” and thus IPR2015-01047 Patent 7,490,151 B2 22 Petitioner’s evidence against Patent Owner’s evidence and argument, and we find by a preponderance of evidence that Rescorla was publically accessible as of its February 1996 date. 2. Skilled artisans had reason to modify Kiuchi based on Rescorla Petitioner asserts that a skilled artisan would have had reason to modify Kiuchi’s system in light of Rescorla and would have considered the challenged claims obvious. Pet. 37–41. Petitioner submits that skilled artisans had reason to look to Rescorla’s teachings in light of Kiuchi’s disclosure that C-HTTP “can co-exist with” other secure HTTP proposals and that, “[a]lthough the current C-HTTP implementation assumes the use of HTTP/1.0 compatible user agents and servers, it is possible to develop C- HTTP proxies which can communicate with other secure HTTP compatible user agents and servers.” Pet. 38–39 (quoting Ex. 1002, 69 (§ 4.4)) (citing Ex. 1003 ¶ 33). Moreover, Petitioner points out, Kiuchi expressly refers to an earlier Internet Draft in Rescorla’s line of development. Pet. 39 (citing Ex. 1002, 69–70 (Reference 12: “Rescorla E., Schiffman A. The Securer Hypertext Transfer Protocol, Internet Draft, 1995 (Work in progress, available on the World Wide Web as ‘ftp:ds.internic.net/internet- drafts/draftietf-wts-shttp-00.txt’”))). Petitioner asserts that modifying Kiuchi’s system with Rescorla’s teachings “would result in encrypted communications between the user agent and origin server using S-HTTP messages instead of standard HTTP/1.0 messages.” Pet. 40 (citing Ex. 1003 ¶ 34). Using S-HTTP for embrace the nature of publishing for collaboration. See Samsung, 929 F.3d at 1372 (“To hold otherwise would disincentivize collaboration and depart from what it means to publish something”). IPR2015-01047 Patent 7,490,151 B2 23 communications “would ensure end-to-end encryption between the user agent and origin server” and thereby enhance security by adding “personal- level security.” Id. at 40–41 (citing Ex. 1003 ¶ 35). Patent Owner asserts that Kiuchi’s and Rescorla’s approach are incompatible and that Kiuchi discourages end-to-end encryption. PO Remand Sur-Reply 16–17. That argument was not raised in the Patent Owner Response or Patent Owner’s Remand Opposition; thus, it was waived.13,14 See Paper 12 (“The patent owner is cautioned that any arguments for patentability not raised in the response will be deemed waived.”). Moreover, we agree with Petitioner that skilled artisans had reason to use Rescorla’s teachings in conjunction with Kiuchi. For the reasons provided above, we find that making the asserted combination would have been “the mere application of a known technique to a piece of prior art ready for the improvement.” See KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 417 (2007). The record does not support that the combination of Kiuchi and 13 Patent Owner argued in the Response that “Kiuchi discourages end-to-end encryption” and “because encryption does not extend to Kiuchi’s user agent, Kiuchi does not disclose an ‘encrypted channel between the user agent and the origin server via the server side proxy,’ as claimed.” PO Resp. 18; accord PO Remand Br. 16. Those arguments about what Kiuchi teaches were not applied to whether skilled artisans would have combined Rescorla’s teachings with Kiuchi’s. See PO Resp. 27–28. 14 Even considering the argument, Kiuchi’s statement that its approach is “fundamentally different from” “[o]ther secure HTTP protocols” such as those described in Rescorla (Ex. 1002, 66–67) does not discourage using both together. Kiuchi’s assertions of “the following enhancements for security protection” (id. at 68) do not mandate that a skilled artisan would necessarily adopt Kiuchi unchanged. IPR2015-01047 Patent 7,490,151 B2 24 Rescorla would have been unpredictable. Thus, the record shows that Rescorla’s technique for end-to-end encryption would improve Kiuchi’s system just as it was used in Rescorla. See id. (“[I]f a technique has been used to improve one device, and a person of ordinary skill in the art would recognize that it would improve similar devices in the same way, using the technique is obvious unless its actual application is beyond his or her skill.”). Other than as discussed above, Patent Owner does not contest the combination of Kiuchi and Rescorla. See PO Resp. 27–28.15 3. Patent Owner’s asserted objective indicia of nonobviousness are not persuasive Patent Owner asserts that objective indicia of nonobviousness support a conclusion of patentability. PO Resp. 29–36. Patent Owner asserts that Apple’s market success supports nonobviousness of the patented invention through commercial success, because a jury found Apple to infringe the ’151 patent. PO Resp. 33. As Patent Owner points out, “success of an infringing product is considered to be evidence of the commercial success of the claimed invention.” Brown & Williamson Tobacco Corp. v. Philip Morris Inc., 229 F.3d 1120, 1130 (Fed. Cir. 2000). Although Petitioner challenges Patent Owner’s reliance on its declarant Dr. Short, as discussed below, 15 Patent Owner argued Petitioner belatedly raises “mapping No. 2 in their obviousness argument” and that the Petitioner only maps “the client side proxy to the origin server.” Tr. 30:9–10; but see Pet. 38 (asserting that Rescorla buttresses Kiuchi’s teachings regarding a “channel that extends from the client to the secure server rather than just an intermediate portion there-between”), 41 (identifying a “channel that starts at the user agent (acting as a client) and ends at the origin server (a secure server)”). IPR2015-01047 Patent 7,490,151 B2 25 Petitioner does not address Patent Owner’s reliance on the jury’s infringement finding. See Reply 17. Patent Owner points out that the jury’s damages award exceeded $625 million, but does not address that the case included two additional patents. See Ex. 2052. More significantly, however, Patent Owner does not provide evidence allowing us to understand how the jury’s damages award relates to the overall industry—the record does not reflect the scope of that industry or Apple’s place within it. Cf. In re Huang, 100 F.3d 135, 140 (Fed. Cir. 1996) (noting that “evidence related solely to the number of units sold provides a very weak showing of commercial success, if any”). Thus, Patent Owner’s evidence at most weakly shows commercial success of the patented invention. Patent Owner’s other assertions rely on a declaration from Dr. Short, Ex. 2050. See PO Resp. 29–36. But Patent Owner did not make Dr. Short available for cross examination in this proceeding, and we therefore afford his declaration little to no weight. See Ex. 2060, 12:18–13:3, 19:17–20. As discussed in the Original Decision, Patent Owner does not establish the required factual support for its asserted indicia of nonobviousness. Original Decision 16–24. In light of the minor modification Petitioner proposes to Kiuchi’s system based on Rescorla’s teachings, Patent Owner’s evidence of Apple’s commercial success does not outweigh the evidence of obviousness. See Lectrosonics Inc. v. Zaxcom, Inc., IPR2018-00972, Paper 41, 23–24 (“Ultimately, the fact finder must weigh the secondary considerations evidence presented in the context of whether the claimed invention as a IPR2015-01047 Patent 7,490,151 B2 26 whole would have been obvious to a skilled artisan.” (citing WBIP, LLC v. Kohler Co., 829 F.3d 1317, 1331-32 (Fed. Cir. 2016))). Patent Owner’s assertions of nonobvious, considered together with the evidence of commercial success, similarly fail to persuade us that the claimed invention would not have been obvious over Kiuchi and Rescorla. 4. Additional Claims As discussed above, the combination of Kiuchi and Rescorla directly remedies the deficiency with Kiuchi’s disclosure regarding an encrypted channel between the client and the secure server. Thus, the combination of Kiuchi and Rescorla renders obvious claims 1 and 7. The combination renders obvious claim 13 also because applying Rescorla’s methods to claim 13 would not undermine any of Kiuchi’s disclosures that support anticipation; if anything, Rescorla’s methods would further support creation of a secure channel between the client and the secure server. Claim 2 recites determining whether the client is authorized to access the secure server. Patent Owner argues that Kiuchi only discloses “checking whether” a server “is registered in the network” but fails to disclose determining whether a client is “authorized” to access the secure server, as recited in claim 2, because “whether the server-side proxy [of Kiuchi] is permitted to connect says nothing as to the client computer’s authorization.” PO Resp. 26. However, Patent Owner does not assert or demonstrate sufficiently a difference between (1) determining if a device is “permitted” to connect (as disclosed by Kiuchi) and establishing a connection between a client and the server only if the device is determined to be “permitted” to connect and (2) determining if the client is “authorized” to access the secure server. One of skill in the art would have understood that a client determined IPR2015-01047 Patent 7,490,151 B2 27 to be “permitted to connect” is also determined to be “authorized” to connect. Otherwise, the client would not be permitted to connect with the server, which would be contrary to the determination that the device is “permitted to connect.” Patent Owner does not provide additional arguments in support of claims 6–8 or 12–14 with respect to Kiuchi’s disclosures. PO Resp. 25–26; PO Remand Br. 10–25. We have reviewed Petitioner’s contentions and determine that, on this record, for the reasons given by Petitioner, a preponderance of the evidence shows that claims 2, 6, 8, 12, and 14 are unpatentable. See Pet. 35–37. 5. Summary Kiuchi discloses all elements of claims 1 and 7 other than “an encrypted channel between the client and secure server.” See supra at 8–19. Considering Kiuchi’s disclosures together with Rescorla’s methods for encrypted S-HTTP communication renders the entire subject matter of each claims 1 and 7 obvious, along with that of claim 13. Skilled artisans had reason, as Petitioner explains, to combine Rescorla’s teachings with Kiuchi’s to result in the claimed system. Petitioner has also shown that Kiuchi discloses the additional limitations of dependent claims 2, 6, 8, 12, and 14. See Pet. 35–37. Accordingly, Petitioner has shown by a preponderance of the evidence that claims 1, 2, 6–8, and 12–14 are unpatentable as obvious over Kiuchi and Rescorla. IPR2015-01047 Patent 7,490,151 B2 28 D. OBVIOUSNESS OVER KIUCHI AND RFC 1034 Petitioner’s obviousness contentions include modifying Kiuchi based on RFC 1034, with or without Rescorla. Pet. Remand Br. 15–27. Because we conclude the challenged claims are unpatentable as either anticipated by Kiuchi or rendered obvious by Kiuchi and Rescorla alone, we do not reach Petitioner’s ground based on Kiuchi and RFC 1034. E. DR. GUERIN’S DECLARATION Patent Owner argues that we should not afford Dr. Guerin’s declaration (Exhibit 1003) any weight because “it was altered by counsel after he signed it.” PO Remand Br. 25 (citing PO Resp. 37–39; Paper 82, 11–14). As we noted in an earlier Decision on Request for Rehearing, “[w]e note that Exhibit 1003 merely confirms what is already apparent in the Petition and/or the Kiuchi reference itself.” Paper 83, 6. We reached the same conclusion as to public availability of RFC documents—that our conclusion did not turn on Dr. Guerin’s declaration. Id.at 6–7. We reach the same conclusion here. Dr. Guerin’s declaration does not drive our conclusion on any disputed issue. Additionally, Patent Owner has not demonstrated that any relevant modifications were made without Dr. Guerin’s agreement. Thus, Patent Owner’s argument is not persuasive. F. TERMINATION UNDER § 315(B) Patent Owner argues that this proceeding should be terminated under 35 U.S.C. § 315(b) in light of Apple’s joinder to the proceeding. PO Remand Br. 29–30. As Patent Owner recognizes, however, the Federal Circuit rejected this argument as raised in the first appeal. VirnetX, 778 F. App’x at 901. Because the Federal Circuit left open whether prejudice could arise IPR2015-01047 Patent 7,490,151 B2 29 later (see id. at 902), Patent Owner “continues to object” because “Apple’s counsel continued to assume a leading role” in the proceedings. PO Remand Br. 29–30. We determine that Patent Owner has not identified any material change in the case due to Apple’s participation and decline to terminate based on § 315(b). G. CONSTITUTIONALITY Patent Owner raises an argument relying on Arthrex, Inc. v. Smith & Nephew, Inc., 941 F.3d 1320 (Fed. Cir. 2019). PO Remand Br. 29. That argument, however, is not sufficient explained and attempts to incorporate by reference to Patent Owner’s other papers. See id. Our rules prohibit such incorporation and considering Patent Owner’s arguments from the referenced papers would violate the word limit applicable to Patent Owner’s remand brief. See 37 C.F.R. § 42.6(a)(3) (2019). In any event we see little merit to Patent Owner’s Appointment’s Clause challenge. Even apart from the fact the interlocutory discovery order issued by the panel in this case was not a final agency action, Patent Owner waived any such challenge by not raising it before the agency or the Federal Circuit during the original appeal of this case. See Vivint, Inc. v. Alarm.com Inc., Fed. Cir. Nos. 19-2438, -2439, ECF No. 29 at 2 (holding that Vivint’s failure to raise an Appointments Clause challenge in its original appeal forfeited its ability to do so after remand because it did not “‘timely raise[]’ its challenge ‘before the first body capable of providing it with the relief sought’”) (quoting Arthrex, Inc. v. Smith & Nephew, Inc., 941 F.3d 1320, 1339 (Fed. Cir. 2019)). IPR2015-01047 Patent 7,490,151 B2 30 III. CONCLUSION For the reasons discussed above, we conclude that Petitioner has proven the challenged claims are unpatentable.16 In summary Claims 35 U.S.C. § Reference(s)/Basis Claims Shown Unpatentable Claims Not Shown Unpatentable 1, 2, 6–8, 12–14 102 Kiuchi 13, 14 1, 2, 6–8, 12 1, 2, 6–8, 12–14 103 Kiuchi, Rescorla 1, 2, 6–8, 12–14 1, 2, 6–8, 12–14 103 17 Kiuchi, RFC 1034 1, 2, 6–8, 12–14 103 18 Kiuchi, RFC 1034, Rescorla Overall Outcome 1, 2, 6–8, 12–14 16 Should Patent Owner wish to pursue amendment of the challenged claims in a reissue or reexamination proceeding subsequent to the issuance of this decision, we draw Patent Owner’s attention to the April 2019 Notice Regarding Options for Amendments by Patent Owner Through Reissue or Reexamination During a Pending AIA Trial Proceeding. See 84 Fed. Reg. 16,654 (Apr. 22, 2019). If Patent Owner chooses to file a reissue application or a request for reexamination of the challenged patent, we remind Patent Owner of its continuing obligation to notify the Board of any such related matters in updated mandatory notices. See 37 C.F.R. § 42.8(a)(3), (b)(2). 17 As explained above, we do not reach this ground of unpatentability because it would not change our Order or offer any additional analysis of disputed issues. 18 As explained above, we do not reach this ground of unpatentability because it would not change our Order or offer any additional analysis of disputed issues. IPR2015-01047 Patent 7,490,151 B2 31 IV. ORDER In consideration of the foregoing, it is hereby: ORDERED that claims 1, 2, 6–8, and 12–14 of the ’151 patent are unpatentable; and FURTHER ORDERED that, because this is a Final Written Decision, parties to the proceeding seeking judicial review of the decision must comply with the notice and service requirements of 37 C.F.R. § 90.2. IPR2015-01047 Patent 7,490,151 B2 32 PETITIONER: Abraham Kasdan WIGGIN AND DANA LLP akasdan@wiggin.com James T. Bailey jtb@jtbaileylaw.com Jeffrey Kushan Scott Border SIDLEY AUSTIN LLP IPRNotices@sidley.com sborder@sidley.com Thomas Martin Wesley Meinerding MARTIN & FERRARO, LLP tmartin@martinferraro.com wmeinerding@martinferraro.com PATENT OWNER: Joseph Palys Naveen Modi Daniel Zeilberger Chetan Bansal PAUL HASTINGS LLP josephpalys@paulhastings.com naveenmodi@paulhastings.com danielzeilberger@paulhastings.com chetanbansal@paulhastings.com Copy with citationCopy as parenthetical citation