`571.272.7822 Filed: September 28, 2016
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`APPLE INC.,
`Petitioner,
`
`v.
`
`VIRNETX INC.,
`Patent Owner.
`____________
`
`Case IPR2015-00868
`Patent 8,516,131 B2
`____________
`
`
`
`Before KARL D. EASTHOM, JENNIFER S. BISK, and
`GREGG I. ANDERSON, Administrative Patent Judges.
`
`ANDERSON, Administrative Patent Judge.
`
`
`
`FINAL WRITTEN DECISION
`35 U.S.C. § 318(a) and 37 C.F.R. § 42.73
`
`I. INTRODUCTION
` Apple Inc. (“Petitioner”) filed a Petition (Paper 1, “Pet.”) pursuant to
`35 U.S.C. §§ 311–319 to institute an inter partes review of claims 1–10, 13-
`22, and 25–27 of U.S. Patent No. 8,516,131 B2 (Ex. 1003, “the ’131
`
`
`
`
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`patent”). VirnetX Inc. (“Patent Owner”)1 filed a Preliminary Response.
`Paper 6 (“Prelim. Resp.”). We have jurisdiction under 35 U.S.C. § 314. On
`October 1, 2015, we granted the Petition and instituted trial on claims 1–10,
`13–22, and 25–27 of the ’131 patent. Paper 8 (“Institution Decision” or
`“Inst. Dec.”)
`After institution of trial, Patent Owner filed a Patent Owner Response
`(Paper 23, “PO Resp.”), and Petitioner filed a Reply (Paper 26, “Reply”).
`Additionally, Patent Owner filed a Motion to Exclude evidence (Paper 30,
`“Motion,” “Mot.”). In support of its Petition, Petitioner proffered the
`Declaration of Dr. Roberto Tamassia (“Tamassia Declaration,” Ex. 1005).
`The deposition of Dr. Tamassia was taken by Patent Owner and filed by
`both parties. (“Tamassia Deposition,” Ex. 1071).2 Patent Owner proffered
`the Declaration of Dr. Fabian Monrose. (“Monrose Declaration,” Ex. 2018).
`The deposition of Dr. Monrose (“Monrose Deposition,” Ex. 1066) was taken
`in this proceeding and in Apple v. VirnetX Inc., IPR2014-00237, Final
`Written Decision (PTAB May 11, 2015) (Paper No. 41) (“’237 FWD” or
`generally “’237 IPR”)) (on appeal at the Federal Circuit).3
`An oral hearing was held on June 27, 2016. The transcript of the
`hearing has been entered into the record. Paper 38 (“Tr.”).
`
`
`1 The Petition also names Science Application International Corporation as
`Patent Owner. However, the Patent Owner Response names only VirnetX
`Inc.
`2 Patent Owner filed the Tamassia Deposition as Exhibit 2019. We refer
`only to Exhibit 1071 unless otherwise noted.
`3 The deposition of Dr. Monrose (Ex. 1067) from the ’237 IPR was also filed
`here but neither party cites to Exhibit 1067.
`2
`
`
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`We have jurisdiction under 35 U.S.C. § 6(c). This Final Written
`Decision is issued pursuant to 35 U.S.C. § 318(a). We conclude, for the
`reasons that follow, that Petitioner has shown by a preponderance of the
`evidence that claims 1–10, 13–22, and 25–27 of the ʼ131 patent are
`unpatentable.
`A. The ’131 Patent
`The ’131 patent describes a system and method for transparently
`creating a secure communications link between a client device and a target
`device. Ex. 1003, Abstract, Figs. 26, 27 (elements 2601, 2604). Secure
`communication is based on a protocol called the “Tunneled Agile Routing
`Protocol” or “TARP.” Id. at 3:16–19. Once the encrypted communications
`channel is created, the devices are configured to allow encrypted
`communications between themselves over the encrypted communications
`channel. Id. at 40:36–45. Figure 26 of the ’131 patent is reproduced below.
`
`
`
`
`
`3
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`
`Referring to Figure 26, reproduced above, user’s computer 2601 is a
`conventional client, e.g., a web browser. Ex. 1003, 40:26–28. Gatekeeper
`server 2603 is interposed between modified Domain Name Server (“DNS”)
`2602 and secure target site 2604. Id. at 40:30–35. The DNS includes both
`conventional DNS server function 2609 and DNS proxy 2610. Id.
`Conventional IP protocols allow access to unsecure target site 2611. Id. at
`40:58–59.
`In one described embodiment, establishing the encrypted
`communications channel includes intercepting from the client device a
`request to look up an Internet Protocol (IP) address corresponding to a
`domain name associated with the target device. Ex. 1003, 40:36–54. It
`further includes determining whether the request to look up the IP address
`corresponds to a device that accepts an encrypted channel connection with
`the client device. Id. at 40:36–59. Gatekeeper 2603 facilitates and allocates
`the exchange of information for secure communication, such as using
`“hopped” IP addresses. Id. at 40:67–41:3.
`The DNS proxy server handles requests for DNS look-up for secure
`hosts. Ex. 1003, 41:11–15. If the host is secure, then it is determined
`whether the user is authorized to connect with the host. Id. at 41:20–23. If
`the user is authorized to connect, a secure Virtual Private Network (VPN) is
`established between the user’s computer and the secure target site. Id. at
`41:35–38.
`
`B. Illustrative Claim
`Petitioner challenges claims 1–10, 13–22, and 25–27 of the ’131
`patent. Claim 1 is an independent apparatus claim and claim 15 is an
`
`
`
`4
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`independent method claim. All remaining claims depend directly or
`indirectly from claim 1 or 15. Method claim 15 is reproduced below.
`15. A method executed by a first network device for
`communicating with a second network device, the method
`comprising:
`sending a request to look up an internet protocol (IP)
`address of a second network device based on a domain name
`associated with the second network device;
`following interception of the request and a determination
`that the second network device is available for the secure
`communications service, receiving an indication that the second
`network device is available for a secure communications service,
`the requested IP address of the second network device, and
`provisioning information for a secure communication link;
`connecting to the second network device over the secure
`communication link, using the received IP address of the second
`network device and the provisioning information for the secure
`communication link; and
`communicating at least one of video data and audio data
`the
`second network device using
`the
`secure
`with
`communications service via the secure communication link.
`
`Ex.1003, 57:11–30.
`
`C. Instituted Ground of Unpatentability
`We instituted on the ground that claims 1–10, 13–22, and 25–27 were
`unpatentable under 35 U.S.C. § 103 over Beser4 and RFC 2401.5 Inst. Dec.
`19.
`
`
`4 US 6,496,867 B1, issued December 17, 2002, to Nurettin B. Beser and
`Michael Borella (“Beser,” Ex. 1007).
`5 S. Kent & R. Atkinson, Security Architecture for the Internet Protocol,
`Request for Comments: 2401, 1–66 (November 1998) (BBN Corp.) (“RFC
`2401,” Ex. 1008).
`
`
`
`5
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`II. ANALYSIS
`
`A. Claim Construction
`In an inter partes review, the Board construes claim terms in an
`unexpired patent under their broadest reasonable construction in light of the
`specification of the patent in which they appear. See 37 C.F.R. § 42.100(b);
`Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2144–46 (2019). Under
`this standard, absent any special definitions, claim terms or phrases are given
`their ordinary and customary meaning, as would be understood by one of
`ordinary skill in the art, in the context of the entire disclosure. In re
`Translogic Tech., Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007). The Board
`construed claim terms similar to those at issue here in several other
`proceedings challenging patents related to the ’131 patent. See, e.g., ’237
`FWD; Apple Inc. v. VirnetX Inc., IPR2014-00481, Final Written Decision
`(PTAB Aug. 24, 2015) (Paper 35)(“’481 FWD” or generally “’481 IPR”)(on
`appeal at the Federal Circuit); VirnetX, Inc. v. Cisco Sys., Inc., 767 F.3d
`1308, 1317–19 (Fed. Cir. 2014) (addressing ancestor Patent Owner patents
`having similar claim terms).
`Petitioner and Patent Owner each proffer proposed constructions of
`several claim terms. See Pet. 9–17; PO Resp. 4–26. Regardless of the
`preceding, Petitioner contends that the only terms Patent Owner argues are
`not disclosed by Beser and RFC 2401 are “interception” and “virtual private
`network link.” Pet. Reply 1–2 (citing PO Resp. 4–5, 18–24). Patent Owner
`disagrees with the Institution Decision where we construed “secure
`communication link” and “provisioning information.” PO Resp. 1–2; see
`Inst. Dec. 7–9. In addition to the terms identified by Petitioner, Patent
`Owner argues its proposed constructions the following terms: “interception
`
`
`
`6
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`of the request,” “secure communication link,” “provisioning information,”
`and “virtual private network link.” PO Resp. 4–24. Patent Owner identifies
`an additional four terms which it categorizes as either not requiring
`construction or as consistent with Petitioner’s proposed constructions. Id. at
`25–26.
`We have compared Patent Owner’s arguments in its Response to the
`terms it identifies for construction. Specifically, Patent Owner argues Beser
`and RFC 2401 do not disclose: (1) “intercepting from the client device a
`request to look up an Internet Protocol (IP) address” or “intercepting” (the
`“intercepting limitation”);6 and (2) a “virtual private network link” recited
`by claim 10.7 However, as discussed in II.I. of this Decision, Patent Owner
`does not argue the construction of “virtual private network link” as a basis
`for patentability of claim 10.
`No other argument in the Response is based on a term Patent Owner
`proposes for construction. We, therefore, agree with Petitioner that the only
`terms that may require construction are “intercepting from the client device a
`request to look up an Internet Protocol (IP) address” and “virtual private
`network link.” See Pet. Reply 1–2; see also Vivid Techs., Inc. v. Am. Sci. &
`Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir. 1999) (claim terms need only be
`construed to the extent necessary to resolve the case).
`1. “interception” (claims 1, 9, 14, 15, 26, and 27)
`Independent method claim 15 recites “following interception of the
`request and a determination that the second network device is available for
`
`
`6 PO Resp. 32–36.
`7 PO Resp. 45–46.
`
`
`
`7
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`the secure communications service.” Claims 9, 14, 15, 26, and 27 also recite
`“interception of the request” or “interception.”
`Petitioner proposes a construction from the institution decision in the
`’237 IPR, “receiving a request pertaining to a first entity at another entity.”
`Pet. 10–11. This construction was adopted in the ’237 IPR. See ’237 FWD,
`10–12.
`Quoting Patent Owner in the ’237 IPR, we noted that Patent Owner
`“disagrees with this construction” (’237 PO Resp. 23), but “believes that no
`construction is necessary” (id. at 26), because “it does not appear that the
`construction of ‘intercepting’ will bear on the outcome of the issues in this
`inter partes review” (id. at 23). ’237 FWD, 11. The ’237 IPR and this
`proceeding involve the same issue with respect to this term and the asserted
`prior art. Patent Owner does not dispute the relevance of the ’237 IPR,
`including the construction of the intercepting limitation. See PO Resp. 33,
`n.3 (referencing our construction of the intercepting limitation in the ’237
`IPR). Patent Owner states in the instant proceeding that “no construction is
`necessary.” PO Resp. 4 (Table, “Patent Owner’s Proposed Construction”).
`Nevertheless, Patent Owner urges that if we construe the term, then we
`should adopt Patent Owner’s construction: “receiving a request to look up an
`internet protocol address and, apart from resolving it into an address,
`preforming an evaluation on it related to establishing a secure
`communication link.” Id.
`To support its proposed alternative construction in this proceeding,
`Patent Owner argues its alternative construction “appropriately captures the
`notion of performing an additional evaluation on a request to look up an IP
`address related to establishing an encrypted communications channel,
`
`
`
`8
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`beyond conventionally resolving it and returning the address.” PO Resp. 5
`(citing Prelim. Resp. 25–288). Patent Owner’s arguments and the record
`show that Patent Owner’s proposed construction adds unnecessary
`functionality to “intercepting a request” and violates the plain language of
`the claim. According to Patent Owner’s arguments, another recited phrase
`in the independent claims (claims 1 and 15), captures the functionality, in
`particular, the “determination” clause of those claims. Id. More
`specifically, Patent Owner argues in the determination clause of claims 1
`and 15 “a determination is made as a result of the request [to look up an IP
`address] that the second network device is a device that is available for the
`secure communication service.” Id. We are not persuaded that functionality
`in another limitation of the independent claims supports Patent Owner’s
`proposal. Indeed, that the additional functionality Patent Owner proposes is
`covered elsewhere in the same claim would make Patent Owner’s proposed
`construction of the intercepting limitation duplicative and/or confusing.
`The parties agree that the intercepting limitation (at least) involves
`receiving a request at some intermediate device. PO Resp. 4; Pet. 9–10.
`Patent Owner’s proposed construction does not create any distinction
`between receiving and intercepting. According to Petitioner’s proposed
`construction, an “interception” by (intermediate) proxy DNS includes
`“receiving a request at a device other than the device specified in the
`request.” Pet. 10 (citing Ex. 1005 ¶ 98). Petitioner contends that the DNS
`
`
`8 To the extent it attempts to do so, it is improper for Patent Owner to
`incorporate the Preliminary Response in its Response by reference. 37
`C.F.R. § 42.6(a)(3). To the extent the arguments are repeated in the
`Response, they are proper and will be considered.
`9
`
`
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`proxy 2610 “‘intercepts’ all DNS lookup functions to examine whether
`access to a secure site has been requested.” Id. (citing Ex. 1003, 40:36–42,
`Figs. 26, 27). Furthermore, as quoted above, Patent Owner agreed in the
`’237 IPR that Petitioner’s construction captured “the disclosed
`embodiments.” ’237 PO Resp. 26. In essence, Petitioner’s construction
`captures the notion of interception as disclosed in the ’131 patent, by
`requiring receiving to “pertain” to another entity.
`Based on the foregoing discussion, the record shows that the
`additional functionality urged by Patent Owner should not be imported into
`the intercepting limitation, and Petitioner’s construction tracks the claim and
`Specification. Accordingly, as set forth in the ’237 IPR Final Written
`Decision, the broadest reasonable construction of the intercepting limitation
`is “receiving a request pertaining to a first entity at another entity.”
`b. “virtual private network (VPN) link” (claim 10)
`We did not construe “virtual private network link” in the Institution
`Decision. In the institution decision of the ’481 IPR, involving the related
`’180 patent,9 we interpreted “virtual private network communication link”10
`to mean “a transmission path between two devices that restricts access to
`data, addresses, or other information on the path, generally using obfuscation
`methods to hide information on the path, including, but not limited to, one or
`more of authentication, encryption, or address hopping.” ’481 IPR,
`
`
`9 U.S. Patent No. 7,188,180 is a continuation-in-part of U.S. Patent No.
`6,502,135. ’481 IPR, Ex. 1001, (60). The ’131 patent is also a continuation-
`in-part of US Patent No. 6,502,135. Ex. 1003, (63).
`10 The additional term “communication” does not affect the construction.
`The addition of “communication” at most makes it clear that the “link” is
`one for “communication.”
`
`
`
`10
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`Institution Decision, slip op. at 6–7 (PTAB Sept. 3, 2014)(Paper 11).
`Petitioner adopts the construction from the ’481 IPR Institution Decision.
`Pet. 16 (citing Ex. 1005 ¶ 117). Patent Owner argues that Petitioner’s
`proposed construction “contradicts the plain language of the claims, is
`internally inconsistent, [and] is inconsistent with the ’131 patent
`specification and prosecution history and is inconsistent with its own prior
`statements.” PO Resp. 18–19. Instead, Patent Owner asserts the correct
`construction should be “[a] path between two devices in a virtual private
`network.” Id. at 18 (citing Ex. 2018 ¶¶ 31–39). Notwithstanding the
`preceding, Patent Owner argues a “virtual private network link” should have
`certain characteristics including: a virtual private network; a network;
`“authentication” and address hopping” alone do not establish a “virtual
`private network link:” encryption is required;” and the link must be “direct.”
`Id. at 19–24. For purposes of this Decision, we need not resolve the dispute
`between the parties on this term because, as discussed in II.I. below, we
`determine that Petitioner has shown, by a preponderance of the evidence,
`that this limitation, under either party’s proposed construction, would have
`been obvious over the combination of Beser and RFC 2401.
`OBVIOUSNESS-BESER AND RFC 2401
`Petitioner alleges claims 1–10, 13–22, and 25–27 would have been
`obvious over Beser and RFC 2401. Pet. 26–57. Petitioner’s evidence
`includes the Tamassia Declaration, which describes Beser and RFC 2401.
`Ex. 1005 ¶¶ 312–402, 421–441.
`
`B. Level of Ordinary Skill in the Art
`Petitioner’s expert, Dr. Tamassia, states that a person of ordinary skill
`in the art would have “a good working knowledge of networking protocols,
`
`
`
`11
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`including those employing security techniques, as well as cryptographic
`methods and computer systems that support these protocols and techniques.”
`Ex. 1005 ¶ 148; see Pet. 8. Such a person would have gained this
`knowledge “either through several years of practical working experience or
`through education and training” or some combination of both. Id.
`Patent Owner’s expert, Dr. Monrose, states that “a person of ordinary
`skill in the art [at the relevant time] would have had a master’s degree in
`computer science or computer engineering, as well as two years of
`experience in computer networking with some accompanying exposure to
`network security.” Ex. 2018 ¶ 13. Dr. Monrose adds that his “view is
`consistent with VirnetX’s view that a person of ordinary skill in the art
`requires a master’s degree in computer science or computer engineering and
`approximately two years of experience in computer networking and
`computer security.” Id.
`We are persuaded that Patent Owner’s description of the background
`of a person of ordinary skill in the art is not lower than or inconsistent with
`Petitioner’s description. Instead, Patent Owner’s definition requires a
`particular educational background, but appears to result in the same level of
`expertise as Petitioner’s definition. Based on the testimony of the parties’
`experts as well as our review of the ’131 patent and the prior art involved in
`this proceeding, we conclude that a person of ordinary skill in the art would
`have a master’s degree in computer science or computer engineering and
`approximately two years of experience in computer networking and
`computer security—or the equivalent, obtained through practical work
`experience and training.
`
`
`
`12
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`C. Tamassia Declaration11
`Patent Owner argues that the entirety of Dr. Tamassia’s Declaration
`should be given little or no weight because “he failed to consider, let alone
`opine on, how any of the claim features are disclosed in asserted references.”
`PO Resp. 47. Petitioner responds that Dr. Tamassia has “offered probative
`testimony on many of the factual inquiries underpinning an obviousness
`analysis” that “can certainly ‘assist the trier of fact to understand the
`evidence or determine a fact in issue.’” Reply 22–23 (citing Fed. R. Evid.
`702). Petitioner adds that “no rule requires an expert to opine on the
`ultimate question [of obviousness] or on every potentially relevant fact at
`issue for his opinion to be admissible or entitled to weight.” Id. at 23.
`Patent Owner has not articulated a persuasive reason for giving Dr.
`Tamassia’s Declaration, as a whole, little or no weight in our analysis. We
`agree with Petitioner that experts are not required to opine on every relevant
`factual and legal issue in order to be accorded substantial weight. The cases
`Patent Owner relies on do not persuade us otherwise. For example, Patent
`Owner cites Schumer v. Laboratory Computer Systems, Inc., 308 F.3d 1304,
`1315 (Fed. Cir. 2002), for the proposition that “expert testimony ‘must
`identify each claim element, state the witnesses’ interpretation of the claim
`element, and explain in detail how each claim element is disclosed in the
`prior art reference.’” PO Resp. 48. Patent Owner’s quotation, however,
`mischaracterizes Schumer by omitting introductory words necessary to the
`meaning of the quoted sentence. In its entirety, the quoted portion of
`Schumer states the following:
`
`
`11 We address Patent Owner’s motion to exclude certain paragraphs of
`Exhibit 1005 in a separate section, below.
`13
`
`
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`Typically, testimony concerning anticipation must be testimony
`from one skilled in the art and must identify each claim element,
`state the witnesses’ interpretation of the claim element, and
`explain in detail how each claim element is disclosed in the prior
`art reference. The testimony is insufficient if it is merely
`conclusory.
`
`Schumer, 308 F.3d at 1315–16 (emphasis added). The Federal Circuit then
`adds that it is not the task of the courts to “attempt to interpret confusing or
`general testimony to determine whether a case of invalidity has been made
`out” and “if the testimony relates to prior invention and is from an interested
`party, as here, it must be corroborated.” Id. So, instead of laying out a
`specific, required format for the content of all testimony regarding
`invalidity, as asserted by Patent Owner, this portion of Schumer confirms the
`unremarkable proposition that conclusory, overly general, confusing, and
`self-interested testimony should not be relied upon. Id.; see also Koito Mfg.
`Co., Ltd. v. Turn-Key-Tech, LLC, 381 F.3d 1142, 1152 (Fed. Cir. 2004)
`(“General and conclusory testimony, such as that provided by Dr. Kazmer in
`this case, does not suffice as substantial evidence of invalidity”). Patent
`Owner has not shown that the whole of Dr. Tamassia’s testimony suffers
`from any of these failings.
`Under 37 C.F.R. § 42.1(d), we apply the preponderance of the evidence
`standard in determining whether Petitioner has established unpatentability.
`In doing so, it is within our discretion to determine the appropriate weight to
`be accorded the evidence presented, including expert opinion, based on the
`disclosure of the underlying facts or data upon which that opinion is based.
`Thus, we decline to make a determination about Dr. Tamassia’s opinion, as a
`whole. Rather, in our analysis we will consider, as it arises, relevant
`
`
`
`14
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`portions of Dr. Tamassia’s testimony and determine the appropriate weight
`to accord that particular testimony.
`
`D. Prior Art Printed Publication Status of RFC 2401
`Patent Owner asserts that Petitioner has not sufficiently established
`that RFC 2401 qualifies as a printed publication as of its alleged publication
`date. PO Resp. 51–59. We look to the underlying facts to make a legal
`determination as to whether a document is a printed publication. Suffolk
`Techs., LLC v. AOL Inc., 752 F.3d 1358, 1364 (Fed. Cir. 2014). The
`determination of whether a document is a “printed publication” under 35
`U.S.C. § 102(b) involves a case-by-case inquiry into the facts and
`circumstances surrounding its disclosure to members of the public. In re
`Klopfenstein, 380 F.3d 1345, 1350 (Fed. Cir. 2004). Public accessibility is a
`key question in determining whether a document is a printed publication and
`is determined on a case-by-case basis. Suffolk Techs., 752 F.3d at 1364. To
`qualify as a printed publication, a document “must have been sufficiently
`accessible to the public interested in the art.” In re Lister, 583 F.3d 1307,
`1311 (Fed. Cir. 2009) (internal citation and quotation omitted).
`In our Institution Decision, we found that RFC 2401 included indicia
`suggesting a reasonable likelihood that the document was made public
`because (1) RFC 2401 is a dated “Request for Comments” from the
`“Network Working Group,” discussing a particular standardized security
`protocol for the Internet, and (2) it describes itself as a “document [that]
`specifies an Internet standards track protocol for the Internet community,
`and requests discussion and suggestions for improvements. . . . Distribution
`of this memo is unlimited.” Inst. Dec. 10 (citing Ex 1008, 1). On this basis,
`
`
`
`15
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`we determined that Petitioner had met its burden for a threshold showing to
`proceed to trial. Id.
`In support of Petitioner’s position, the testimony from the Tamassia
`Declaration is that RFCs are “prepared and distributed under a formalized
`publication process overseen by one of several Internet standards or
`governing bodies,” such as the IETF. Ex. 1005 ¶ 186. Dr. Tamassia goes on
`to discuss an RFC that discusses the RFC development and publication
`process itself—RFC 2026, dated October 1996. Id. ¶¶ 187–190; Ex. 1036.
`Dr. Tamassia testifies that “[t]he publication date of each RFC is contained
`in the RFC, typically in the top right corner of the first page of the
`document” and “[t]his is the date it was released for public distribution on
`the Internet.” Id. ¶ 190. RFC 2026 also explains that anyone can obtain
`RFCs from a number of Internet hosts and each RFC “is made available for
`review via world-wide on-line directories.” Ex. 1036, 4–6.
`Patent Owner argues that Petitioner cannot rely on evidence it has
`proffered to support this finding. First, Patent Owner argues that testimony
`by Dr. Tamassia should not be accorded any weight because Dr. Tamassia
`has not been established to have personal knowledge that RFC 2401 was
`actually released to the public in November 1998, nor has Dr. Tamassia
`“been established as someone familiar with, let alone an expert in, the
`workings of the Internet Engineering Task Force (IETF)[—]the body
`responsible for the RFCs.” PO Resp. 53–54.12
`
`
`12 Patent Owner also argues we should give Dr. Tamassia’s testimony on this
`issue no weight because the Petition does not cite to these paragraphs. PO
`Resp. 53 n.5. Patent Owner, itself, however, directed the Board’s attention
`to this testimony on this issue in its Preliminary Response (Paper 6, 3), and
`
`
`
`16
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`
`We find Dr. Tamassia’s testimony as to public accessibility of RFCs
`in general to be credible, especially given the independent support of RFC
`2026 (Ex. 1036). As part of routine discovery (37 C.F.R. § 42.51(b)(1)(ii)),
`Patent Owner had the opportunity to cross-examine Dr. Tamassia and did so,
`taking the Tamassia Deposition and making it of record. See Ex. 2016.
`Patent Owner does not point us to any discussion of this issue in the
`Tamassia Deposition. RFC 2401’s contents are consistent with the
`publication process described by RFC 2026 and Dr. Tamassia, including a
`date “November 1998” indicated on the top right corner of the first page of
`the document. Moreover, a request for suggestions and improvements for an
`Internet standards protocol, having no indication of being a mere draft or
`internal paper, is the type of document whose very purpose is public
`disclosure.
`“A given reference is ‘publicly accessible’ upon a satisfactory
`showing that such document has been disseminated or otherwise made
`available to the extent that persons interested and ordinarily skilled in the
`subject matter or art exercising reasonable diligence, can locate it.” SRI
`Int’l, Inc. v. Internet Sec. Sys., Inc. 511 F.3d 1186, 1194 (Fed. Cir. 2008)
`(quoting Bruckelmyer v. Ground Heaters, Inc., 445 F.3d 1374, 1378 (Fed.
`Cir. 2006)). We find that Petitioner has established, by a preponderance of
`the evidence, that RFC 2401(dated November 1998) was sufficiently
`disseminated to persons of ordinary skill interested in computer networking
`and security to be deemed “publicly accessible” at the relevant time.
`
`
`thus clearly has had adequate notice of its contents such that it may respond
`with no issue of prejudice.
`
`
`
`17
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`Therefore, on this record, we determine RFC 2401 qualifies as a prior art
`printed publication under 35 U.S.C. § 102(b).
`E. Overview of Beser
`Beser describes a system that establishes an IP (internet protocol)
`tunneling association on a public network between two end devices. See Ex.
`1007, Abstract. Figure 1 of Beser is reproduced below.
`
`
`Figure 1 of Beser, reproduced above, illustrates a network system, including
`public network 12, network devices 24 and 26, private network 20, trusted
`third-party network device 30, and modified routers or gateways 14 and 16.
`Ex. 1007, 3:60–4:18. Beser describes network devices 24 and 26 as
`telephony devices, multimedia devices, VoIP devices, or personal
`computers. Id. at 4:43–52.
`Beser’s system “increases the security of communication on the data
`network” by providing and hiding, in packets, “private addresses” for
`
`
`
`18
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`originating device 24 and terminating device 26 on the network. See id. at
`Abstract, Figs. 1, 6. To begin a secure transaction, requesting device 24
`sends a request to initiate a tunneling connection to network device 14. Id.
`at 8:21–47. This request includes a unique identifier for the terminating end
`of the tunneling association—terminating device 26. Id. at 7:64–8:3. The
`packets used to transfer this unique identifier across the public network
`“may require encryption or authentication to ensure that the unique identifier
`cannot be read on the public network 12.” Id. at 11:22–25. Beser discloses,
`as background prior art, known forms of encryption for the information
`inside these packets, including IP Security (“‘IPSec’”). Id. at 1:54–56.
`Once network device 14 receives the request, it passes the request on to
`trusted-third-party network device 30. Id. at 8:3–4, 8:48–9:5.
`Trusted-third-party network device 30 contains a directory of users,
`such as a DNS, which retains a list of public IP addresses associated at least
`with second network device 16 and terminating devices 26. See id. at
`11:32–58. DNS 30 associates terminating network device 26, based on its
`unique identifier in the request, with a public IP address for router device 16.
`See id. at 11:26–36. Trusted-third-party network device 30 then assigns, by
`negotiation, private IP addresses to requesting network device 24 and
`terminating device 26. Id. at 9:29–35, 12:16–19. The negotiated private IP
`addresses are “isolated from a public network such as the Internet,” and “are
`not globally routable.” Id. at 11:62–65.
`F. Overview of RFC 2401
`RFC 2401 describes the security services offered by the IPsec
`protocols, including “access control, connectionless integrity, data origin
`
`
`
`19
`
`
`
`IPR2015-00868
`Patent 8,516,131 B2
`
`authentication, [and] . . . confidentiality (encryption).” Ex. 1008, 3–4. RFC
`2401 describes IPsec further, as follows:
`IPsec allows the user (or system administrator) to control the
`granularity at which a security service is offered. For example,
`one can create a single encrypted tunnel to carry all the traffic