[00:00:03] Speaker 04:
OK, we have two panels this morning, four argued cases and a submitted case.

[00:00:11] Speaker 04:
Our first panel will hear one oral argument.

[00:00:16] Speaker 04:
And then at the conclusion of that oral argument, the panel will retire.

[00:00:20] Speaker 04:
And then we'll come back in a few minutes to hear the remaining cases of the morning with a new panel.

[00:00:28] Speaker 04:
So we'll start with the lone appeal of the first panel, Vernetics versus Cisco systems, DACA number 18-1751.

[00:00:39] Speaker 00:
And whenever you're ready.

[00:00:42] Speaker 00:
Thank you, Your Honor.

[00:00:42] Speaker 00:
May it please the court, Stephen Kinnaird for Vernetics.

[00:00:46] Speaker 00:
I begin with claim five, where the board's failure to reach a critical argument requires remand.

[00:00:54] Speaker 00:
Claim five recites a domain name service system, or DNSS, that, quote, is configured to authenticate the query using a cryptographic technique.

[00:01:10] Speaker 00:
The examiner ruled that the cell directory service of Lendenman, the counterpart to the DNSS, performs cryptographic authentication by remote procedure call, or RPC.

[00:01:26] Speaker 00:
On appeal to the board, Phenetics argued first that the CDS does not perform authentication at all, the security service does, and second,

[00:01:36] Speaker 00:
independently the CDS does not use RPC and indeed the security service use RPC no these are the core the core utility services security and CDs I have a little trouble following all of this but just let me see if I understand that you have two arguments here one is

[00:02:00] Speaker 03:
you think there are two different functions in Lindemann, and the one that's comparable to yours doesn't do the cryptographic stuff at all.

[00:02:13] Speaker 03:
And then you say that whatever function they're pointing to is done by a separate service.

[00:02:19] Speaker 03:
If we disagree that those two things are separate services, though, it seems like you just said you have a backup argument that that thing you think is separate

[00:02:27] Speaker 03:
still doesn't do RPC.

[00:02:30] Speaker 00:
Why is that?

[00:02:32] Speaker 00:
It does not do RPC.

[00:02:35] Speaker 03:
Is the CDS a security service?

[00:02:36] Speaker 03:
They're separate functionalities.

[00:02:38] Speaker 03:
No, that's what I'm trying to get at.

[00:02:40] Speaker 03:
So maybe you can just help me.

[00:02:43] Speaker 03:
Is the CDS the comparable thing to the DNS in your

[00:02:48] Speaker 03:
Is that what the idea is?

[00:02:49] Speaker 00:
Yes.

[00:02:49] Speaker 03:
Yes, and that's what was alleged.

[00:02:50] Speaker 03:
Right.

[00:02:50] Speaker 03:
OK.

[00:02:51] Speaker 03:
But there's a separate thing in Lindemann called a security service.

[00:02:56] Speaker 00:
Right.

[00:02:56] Speaker 03:
And what I'm asking is, is the security system using any kind of cryptographic or RPC function in Lindemann?

[00:03:03] Speaker 00:
What the security service does is it performs the authentication.

[00:03:12] Speaker 00:
It doesn't use RPC.

[00:03:15] Speaker 00:
It supplies a session key.

[00:03:17] Speaker 00:
by which clients and remote servers can engage in RPC.

[00:03:22] Speaker 00:
But the key point is that we had the argument that the CDS.

[00:03:26] Speaker 03:
No, I understand.

[00:03:27] Speaker 03:
I think your key argument is that those are two separate functions.

[00:03:30] Speaker 03:
But what I'm trying to get at is, if I disagree with you that those are two separate functions, and I view it all as one entire function, whether you still have an argument that there's no RPC at all.

[00:03:45] Speaker 00:
Well, the RPC, I guess the security service is involved in the authentication in an RPC.

[00:03:52] Speaker 00:
But the holding of the examiner was that the CDS, just looking at the CDS, actually uses the RPC.

[00:04:04] Speaker 00:
And the expert, Karamaitis, made very clear, and this is at 69.85, he's the only expert, he says that the CDS

[00:04:13] Speaker 00:
is used for establishing an RPC.

[00:04:17] Speaker 00:
And therefore, it doesn't use the RPC.

[00:04:19] Speaker 00:
And Lendedmen itself says, 4439, that the CDS is involved in the execution of RPCs.

[00:04:28] Speaker 00:
And it explains that the client has to query the CDS to locate the remote server and then to receive what's known as a partial binding handle just to communicate with the remote server.

[00:04:41] Speaker 00:
So because the CDS is necessary to create an RPC, the CDS cannot be said to actually use an RPC.

[00:04:51] Speaker 00:
And this is critical because the RPC, the authenticated RPC, is the sole disclosure in Lendenman of cryptographic authentication of a message.

[00:05:02] Speaker 00:
So the security service provides a session key

[00:05:05] Speaker 00:
And then the client and remote server use that session key to decrypt and encrypt messages and to authenticate.

[00:05:14] Speaker 00:
But it's not the CDS itself that uses the RPC.

[00:05:20] Speaker 00:
So there is no disclosure in Lendenman of CDS performing cryptographic authentication of queries for network address.

[00:05:29] Speaker 00:
And because the board did not reach this argument, there has to be a minimum of remand

[00:05:34] Speaker 00:
on claim five and also on claims 11 and 12, which also turn on this RPC performance question.

[00:05:43] Speaker 04:
If it's not the CDS, then which unit is using RPC in London?

[00:05:50] Speaker 04:
Is it the security service?

[00:05:51] Speaker 00:
It's the clients and the remote servers.

[00:05:55] Speaker 00:
The application service is what the disclosure is.

[00:05:57] Speaker 00:
So the security service and the directory service

[00:06:02] Speaker 00:
are these core utility services that enable the RPC.

[00:06:09] Speaker 00:
And the CDS process of querying is disclosed at 42.95 to 96.

[00:06:17] Speaker 00:
It is a separate process from the RPC.

[00:06:20] Speaker 00:
And again, it would be a non sequitur to say that if you need a CPS to create an RPC, that the CDS uses RPC.

[00:06:29] Speaker 00:
So the board also aired

[00:06:31] Speaker 00:
in finding that the prior art disclosed the indication limitation of the claims.

[00:06:37] Speaker 00:
And it did so based on a misconception that if the DNSS performs any but four step prior to the formation of a secure communications link by other components, that's the claimed indication.

[00:06:52] Speaker 00:
And that's not true because the claims require an indication that the DNSS itself

[00:06:59] Speaker 00:
support establishing a communication link.

[00:07:03] Speaker 00:
And this is, for example, appendix 100, which has step 3410 on figure 34.

[00:07:11] Speaker 00:
And it indicates that the DNSS provides the parameters for the VPN to the client and host.

[00:07:20] Speaker 00:
And that's the innovation of the patent, is to use the DNSS to automate secure communications links.

[00:07:28] Speaker 00:
And there's no substantial evidence that either Aziz or Lendment discloses the claimed indication.

[00:07:37] Speaker 00:
So Aziz is simply a variation on the standard internet practice.

[00:07:45] Speaker 00:
It's set forth in what's known as RFC 2065.

[00:07:48] Speaker 00:
It's referenced in Aziz at 4534.

[00:07:51] Speaker 00:
And so in standard practice, a network administrator

[00:07:57] Speaker 00:
We simply register with a DNS, public key and digital signature, or SIG records.

[00:08:06] Speaker 00:
And then any time that a client requests the network address for a host or a firewall, then those public records are returned.

[00:08:18] Speaker 00:
This is simply a return of public records.

[00:08:21] Speaker 00:
And all the disease adds,

[00:08:23] Speaker 00:
is it creates a new type of record called the SX record for secure exchanger like a firewall.

[00:08:29] Speaker 00:
And so it says, when you get such a query, you also add in an SX record with the public key and address of the firewall.

[00:08:38] Speaker 00:
And again, an SX record is just a couple lines of information on the response from the DNS.

[00:08:46] Speaker 00:
But what that is is simply, like the conventional art,

[00:08:50] Speaker 00:
is the return of a public record to any client.

[00:08:54] Speaker 00:
And the patent specifically admits that the prior right does that on column 39.

[00:08:59] Speaker 01:
But if the record that comes back from a secure server, let's say, is in fact a record that, rather than simply unavailable, can't return any data, then that is, I won't use the word indication,

[00:09:19] Speaker 01:
that demonstrates, does it not, that there has been a secure link established?

[00:09:25] Speaker 00:
No, Your Honor.

[00:09:26] Speaker 00:
It's important to understand that the SX record does not come back from a secure host.

[00:09:33] Speaker 00:
The SX record comes back from the DNS.

[00:09:36] Speaker 00:
And it simply gives you the address of a firewall, which is there.

[00:09:40] Speaker 00:
And the patent in column 39 specifically admits the prior art

[00:09:45] Speaker 00:
returns network addresses, and it returns public key firewalls.

[00:09:51] Speaker 01:
How does that differ from Lendenman?

[00:09:55] Speaker 01:
Does Lendenman not do exactly that?

[00:09:58] Speaker 00:
Lendenman does the same thing as disease, and it is fatal.

[00:10:03] Speaker 01:
So what you get back in Lendenman is not data from the secure site, you're saying?

[00:10:09] Speaker 00:
No, all Lendenman, and I should point out that the issue of Lendenman is also an issue in the related 211 patent in the 1715-91 appeal that's already been argued as separately pending.

[00:10:23] Speaker 00:
But all that Lendenman does is that there are two claimed indications.

[00:10:29] Speaker 00:
The first is simply that the CDS returns a network address in response to a query.

[00:10:34] Speaker 00:
That's what any BAME server does.

[00:10:36] Speaker 00:
And that could be.

[00:10:38] Speaker 00:
a secure site or it could be just a regular site.

[00:10:42] Speaker 00:
But it does it regardless.

[00:10:44] Speaker 00:
All it's doing is returning the public record.

[00:10:45] Speaker 00:
It's kind of just an administrative function that it does.

[00:10:49] Speaker 00:
The second indication in Lendenman that the board relied on was what's known as the access control list.

[00:10:57] Speaker 00:
And that's even farther afield because all the ACL does

[00:11:01] Speaker 00:
is that when you want to make a query of the CDS, first the CDS checks to see whether you're authorized to make that query, to access that name or perform CDS operations.

[00:11:13] Speaker 00:
So it's a step before the return of the network address.

[00:11:16] Speaker 00:
You do it regardless of whether you're seeking secure or non-secure communications.

[00:11:23] Speaker 00:
And the fundamental difference

[00:11:24] Speaker 00:
With a patent, is this the patent of the invention?

[00:11:28] Speaker 04:
But I guess with the access control lists, if you are one of those authorized clients, then you will get an IP address returned to you.

[00:11:37] Speaker 04:
And if you're not one of those authorized clients, then you're not going to get.

[00:11:41] Speaker 04:
access to an IP address.

[00:11:43] Speaker 00:
And that's true whether you're trying secure or not secure.

[00:11:46] Speaker 04:
I guess the point is if you are getting an address in that context then that proves that you're authorized and then perhaps that's some kind of indication that okay this system can handle secure communication systems because that's the only kind of communication link you're going to get and then if you're denied an IP address

[00:12:06] Speaker 04:
That's also an indication that you client haven't been authorized.

[00:12:11] Speaker 04:
And so therefore, you're not going to get a secure communication link.

[00:12:15] Speaker 00:
It's an important distinction.

[00:12:16] Speaker 00:
All the ACL does is, are you authorized to use this CDS?

[00:12:21] Speaker 00:
And for certain functions.

[00:12:22] Speaker 00:
It is not about, are you authorized to engage in secure communications?

[00:12:27] Speaker 00:
And this is the fundamental distinction about what the claim says.

[00:12:33] Speaker 00:
It's the indication that the DNSS itself supports establishing the secure communication link.

[00:12:40] Speaker 00:
So the DNSS has to contribute to the creation of the link itself.

[00:12:46] Speaker 00:
It's this mere public return of the records, which was admitted to be in the prior art.

[00:12:50] Speaker 00:
That can't be the meaning of the claim.

[00:12:52] Speaker 00:
You interpret the claim in light of the specification, in light of the preferred embodiments, not limiting them to the preferred embodiments,

[00:12:59] Speaker 00:
But it sheds scope on it.

[00:13:01] Speaker 00:
Mr. Kinnair, you're into your rebuttal.

[00:13:02] Speaker 00:
Do you want to save it?

[00:13:03] Speaker 04:
Yes, I would.

[00:13:04] Speaker 04:
Thank you.

[00:13:05] Speaker 04:
Let's hear from the other side, Mr. Foster.

[00:13:23] Speaker 02:
Thank you, Your Honors.

[00:13:24] Speaker 02:
Good morning.

[00:13:25] Speaker 02:
May it please the court, Theo Foster, on behalf of Cisco Systems.

[00:13:28] Speaker 02:
I'd like to start with Claim 5 Mr. Kinnaird brought up first and his challenge to the question of whether the board found anything regarding the use of remote procedure calls in Lundenman.

[00:13:41] Speaker 02:
And what the board did was the board affirmed the examiner's rejection of Claim 5.

[00:13:47] Speaker 02:
And if we look at the examiner's rejection of claim five.

[00:13:50] Speaker 03:
Can you point to me where the board incorporated the examiner's rejection reasoning?

[00:13:56] Speaker 03:
This is the problem.

[00:13:58] Speaker 03:
I think the examiner explained this.

[00:14:00] Speaker 03:
The board's discussion on this point seems mostly directed at rejecting their argument that the CDS and the security service are

[00:14:12] Speaker 03:
two separate functioning entities, but it didn't explain I don't even think it used the words RPC how RPC is actually used In the security services to to meet this claim limitation Yes, that is that is correct as far as a summary of the words that the board used and the

[00:14:35] Speaker 02:
the way that they put their opinion.

[00:14:38] Speaker 03:
I submit that they affirm the- How can we rely on the examiner's rejection that the board didn't at least incorporate it somehow?

[00:14:45] Speaker 02:
Well, I believe the Administrative Procedures Act provides that intermediate procedural decisions of an agency are reviewable when the final decision is reviewed on appeal.

[00:14:56] Speaker 02:
And so I think the court can look

[00:14:59] Speaker 03:
that the board was reviewing itself and what the examiner said.

[00:15:14] Speaker 03:
I might be with you, but we still have to have a factual finding that Lindemann meets this specific claim limitation of claim five about the cryptographic information.

[00:15:25] Speaker 03:
And can you point to me in the board's decision a factual finding that's sufficient that we could then look to the examiner's discussion and the like for additional evidence about why those functions are bad?

[00:15:38] Speaker 02:
So the board's decision affirmed the rejection of claim five, and the basis of that rejection included the examiner's statements, and that's on appendix page 2240, the examiner's statements and findings regarding the use of remote procedure call in Lendenman.

[00:15:54] Speaker 04:
The board doesn't address the patent owner's argument, though, about why in the patent owner's view the CDS does not use an RPC call.

[00:16:02] Speaker 04:
Is that fair to say?

[00:16:03] Speaker 02:
The board does not.

[00:16:05] Speaker 04:
discuss the use of remote procedure call in London right and and so I guess the gap is is that the patent owner made a specific argument and the board didn't ever address that argument and the

[00:16:20] Speaker 02:
Board, as my understanding, the board is not required to address every single argument raised by a patent owner.

[00:16:27] Speaker 04:
Yeah, but this is the primary argument by the patent owner about this specific claim.

[00:16:33] Speaker 04:
I mean, if we were to take your position to the logical conclusion, the board could write just one sentence opinions and not say anything more.

[00:16:43] Speaker 04:
I mean, we don't really have a clue here that

[00:16:48] Speaker 04:
the board is saying to us, communicating to you, that it likes what the examiner said and disagrees with what the patent owner is trying to counter.

[00:16:59] Speaker 04:
And therefore, that's why the board is affirming the rejection.

[00:17:04] Speaker 04:
It's a little more cryptic than that.

[00:17:06] Speaker 03:
Well, I mean, what you just pointed to us, that's the examiner's opinion, right?

[00:17:11] Speaker 02:
That's the examiner's findings.

[00:17:12] Speaker 03:
Again, can you point me to something in the board's opinion that addresses this point?

[00:17:17] Speaker 03:
that we could use as a factual finding to at least have something to suggest that the board address this issue.

[00:17:31] Speaker 03:
You're probably not going to.

[00:17:33] Speaker 03:
I looked at the board's opinion yesterday, and all it seemed to address was the argument that the CDS and the security services are different entities.

[00:17:43] Speaker 03:
And it said, no, they're not.

[00:17:44] Speaker 03:
They all kind of function together.

[00:17:47] Speaker 02:
Which is fine.

[00:17:47] Speaker 02:
And that was the patent owner's primary argument on appeal to the board.

[00:17:53] Speaker 03:
Still the problem is we don't know from the board's decision if it concluded that that security service did RPC.

[00:18:03] Speaker 03:
And it doesn't sound from your friend's argument on the other side that that's undisputed.

[00:18:10] Speaker 03:
If it was undisputed that if the only argument were from their side was the CDC and the security services are different, they're separate, so the security service using RPC doesn't meet this claim limitation, then I think the board's done enough.

[00:18:26] Speaker 03:
But it seems like there's a separate argument that the security service

[00:18:29] Speaker 03:
Doesn't even do our PC at all and the board didn't speak to that and I don't know I can't read this stuff myself and figure out whether the security service does our PC I mean, that's not my job the board has to make that factual finding so again Is there anything in the board's decision did I miss something that suggests a hint that they were?

[00:18:50] Speaker 02:
deciding that issue the board's approach to this was to affirm the examiner's and

[00:18:55] Speaker 03:
Well, can you point to anything in the board's language that suggests they're incorporating the examiner's reasoning on that point?

[00:19:03] Speaker 03:
I mean, even that would be good enough, but I didn't see any of that.

[00:19:06] Speaker 02:
I don't believe the board referenced incorporating the examiner's analysis.

[00:19:14] Speaker 02:
The board reviewed that analysis and found it persuasive and affirmed it.

[00:19:20] Speaker 02:
But the board itself did not.

[00:19:22] Speaker 02:
reiterate the exact same points.

[00:19:24] Speaker 02:
They simply affirmed the analysis and addressed the patent owner's primary argument on appeal, which was this question of whether or not the security service and the sole directory service are two separate entities.

[00:19:37] Speaker 02:
Of course, the teaching of the reference is that they're integrated and incorporated.

[00:19:41] Speaker 03:
Even though the board didn't seem to address it, do you have a clear argument for why the security system in Lindemann meets this claim limitation and uses RPC?

[00:19:54] Speaker 02:
Yes.

[00:19:55] Speaker 02:
So the key question is whether or not the cell directory service, which corresponds to the claim DNS, whether or not it uses

[00:20:05] Speaker 02:
remote procedure calls.

[00:20:06] Speaker 02:
Now, if we look at appendix page 4275, it's quite clear because it states that the directory service, which includes the cell directory service, the directory service is based upon the data sharing model.

[00:20:21] Speaker 02:
And the data sharing model is built upon remote procedure call, RPC.

[00:20:27] Speaker 02:
That's in section 1.5.

[00:20:28] Speaker 02:
This is in Lindenman?

[00:20:29] Speaker 02:
Yes.

[00:20:30] Speaker 02:
This is in Lindenman, appendix page 4275,

[00:20:33] Speaker 02:
It's the last two sentences in the section labeled 1.4.1.3, the data sharing model.

[00:20:40] Speaker 02:
It states, data sharing is built upon RPC.

[00:20:43] Speaker 02:
And then both the directory service and the distributed file system are based upon the data sharing model.

[00:20:49] Speaker 02:
So there is the direct statement that the directory service, including the cell directory service, is using RPC.

[00:20:56] Speaker 02:
The examiner cited that.

[00:20:58] Speaker 02:
The examiner also cited the figure on page 4439.

[00:21:03] Speaker 02:
of Lendenman, which shows the directory service in a hierarchy of features being literally built on top of the remote procedure call box.

[00:21:17] Speaker 02:
Page 4439 further states that RPC is the basis for distributed computing environment, or DCE, which is the subject matter of Lendenman in its entirety, and states that DCE services also use RPCs.

[00:21:33] Speaker 02:
There's substantial evidence here to support the examiner's finding and the board's affirmance.

[00:21:39] Speaker 01:
Was that proposition contested before the board?

[00:21:43] Speaker 01:
The question of whether RPC is used by these services?

[00:21:49] Speaker 02:
Yes, that was in the briefing.

[00:21:51] Speaker 01:
It was contested by the patent owner, argued that it was not.

[00:21:59] Speaker 02:
That's correct.

[00:21:59] Speaker 02:
The patent owner did raise the argument as its secondary argument.

[00:22:03] Speaker 04:
The board, in fact, identified that in its decision, but A-28, where it said patent owner argues, among other things, quote, CDS does not use the RPC model of communication.

[00:22:18] Speaker 01:
And that argument was made before the examiner, right?

[00:22:22] Speaker 01:
Yes.

[00:22:22] Speaker 01:
OK.

[00:22:25] Speaker 04:
So you want us to infer that with the board recognizing that the patent owner made this very argument, that the board understood that argument and rejected that argument by affirming the examiner's rejection.

[00:22:42] Speaker 04:
Yes.

[00:22:43] Speaker 04:
And in doing so, must have necessarily adopted the reasoning of the examiner.

[00:22:50] Speaker 02:
I believe that it would be sufficient that the board found that the evidence showed

[00:22:55] Speaker 02:
and supported the conclusion, whether the board necessarily agreed exactly with the examiner.

[00:23:02] Speaker 01:
Now, in this passage that we're talking about, appendix 28 to 29, the board says, with reference to the security service of Lendenman performing this function, and the board says, we are still not persuaded by patent owner's argument for at least the reasons previously discussed.

[00:23:25] Speaker 01:
What do you understand the reasons previously discussed to entail?

[00:23:31] Speaker 02:
Well among the reasons discussed above is this this question About the difference between the security service and the cell directory service which the board had extensively discussed in the preceding pages and

[00:23:46] Speaker 01:
Well, specifically, do you, I guess, let me ask the question more pointedly.

[00:23:52] Speaker 01:
Do you understand that reference to reasons previously discussed to refer to the material on page 11, which is appendix 24, of the board's opinion in which the scope of Lendenman's disclosure is discussed?

[00:24:17] Speaker 02:
In part, yes.

[00:24:18] Speaker 02:
Page 11, appendix page 24, is where the board discussed and refuted patent owner's argument regarding the distinction between the CDS and the security service.

[00:24:31] Speaker 02:
And again, the board referenced the same teachings that the examiner had about Lindemann describing the CDS as integrated into the security service.

[00:24:43] Speaker 01:
Yeah.

[00:24:45] Speaker 01:
The final question, I guess, is does that get you to the point of saying there's your explanation for the board, reasons for the board rejecting the patent owner's argument on this issue?

[00:24:59] Speaker 02:
On the issue of the remote procedure call?

[00:25:02] Speaker 01:
On the claim five issue.

[00:25:04] Speaker 02:
I think it is, because again, the main argument the patent owner was making on appeal was this distinction between CDS and security service.

[00:25:14] Speaker 02:
That's what the board is primarily addressing.

[00:25:17] Speaker 02:
The secondary argument that they raised below and now are trying to promote to be the linchpin of this case, the board simply referred to the fact that the argument had been made and they weren't persuaded.

[00:25:31] Speaker 01:
And the examiner had dealt with that extensively.

[00:25:34] Speaker 01:
I take it you're saying is that this

[00:25:37] Speaker 01:
material, both on pages 27 and 28, and also the material on 24, if that's incorporated within the board's reference to discussions above, covers the principal argument, but not the secondary argument?

[00:25:53] Speaker 01:
Is that what you're saying?

[00:26:00] Speaker 02:
I have the same board decision that you do.

[00:26:04] Speaker 02:
And unfortunately, the board did not

[00:26:08] Speaker 02:
address specifically this remote procedure call issue.

[00:26:14] Speaker 02:
They referenced it.

[00:26:15] Speaker 02:
It was clearly before them.

[00:26:17] Speaker 02:
They considered it.

[00:26:17] Speaker 02:
They referenced the fact that it was before them.

[00:26:19] Speaker 02:
And they were not persuaded.

[00:26:20] Speaker 02:
They affirmed the rejection of claim five.

[00:26:23] Speaker 02:
I think that's the board's finding that the court can rely on, that the board considered this argument and was unpersuaded.

[00:26:34] Speaker 02:
And it's in the record from the examiner exactly why that argument doesn't hold water.

[00:26:41] Speaker 04:
What about on claim 12?

[00:26:44] Speaker 04:
Claim 12, we don't see any discussion of RPC in claim 12, right?

[00:26:50] Speaker 04:
And the examiner's theory on claim 12 is the same thing as for claim 5 in that the examiner believed that CDS was using an RPC call, right?

[00:27:03] Speaker 04:
for claim 12 as well as claim 5.

[00:27:06] Speaker 04:
And yet here in the discussion in the board's decision as to claim 12, we don't see any acknowledgment of the crux of the matter, which is, does the CDS use an RPC call or not?

[00:27:20] Speaker 02:
And what the board was addressing was the arguments specific to claim 12 that the patent owner had raised, which were not specific to the remote procedure call.

[00:27:28] Speaker 02:
The arguments the patent owner was raising

[00:27:31] Speaker 02:
related to the use of transmission control protocol, or TCP, and the question of whether or not that provides a moving window of valid values.

[00:27:43] Speaker 02:
And so that language which is specific to claim 12 is what the board addressed in its decision on claims 12 and 13.

[00:27:51] Speaker 02:
I have just a few seconds.

[00:27:52] Speaker 02:
I would like to refer to the arguments made regarding the access control list teaching.

[00:28:01] Speaker 02:
and point out that Pat Nohner has repeatedly argued to the district court that authorization and authentication are specific features of the claims.

[00:28:12] Speaker 02:
They did that to the district court at appendix page 7505.

[00:28:16] Speaker 02:
They've even done that again here in their blue brief at page 9, where they reference a specific feature in summarizing the claimed invention as requesting that

[00:28:28] Speaker 02:
that the DNS server determines whether the requesting computer is authorized to access the site.

[00:28:33] Speaker 02:
So authorization is provided by the ACLs in Lindenman and was a specific feature argued by patent owners as meeting this claimed indication limitation.

[00:28:43] Speaker 02:
If there are no further questions, thank you.

[00:28:56] Speaker 00:
Your Honor, I'd like to address first this whole notion of the CDS being integrated into the security service.

[00:29:05] Speaker 00:
If you look at appendix 4300, the basis for that is where it says the CDS as any other DCE service is integrated into the security service, which only means that all DCE services can call on the functionality of the security service.

[00:29:21] Speaker 00:
It does not mean that they're the same and that the CDS, all the functions of the SD, of the security service are attributable to the CDC.

[00:29:30] Speaker 00:
And I would say even though there's a dispute about whether the CDS performs authorization, there is no disclosure anywhere of it with any kind of cryptographic authentication of a CDS query.

[00:29:43] Speaker 00:
It had to be an authenticated user, but there's no reference in any CDS query.

[00:29:48] Speaker 00:
So even if it was the security service,

[00:29:50] Speaker 00:
that there's cryptography involved.

[00:29:52] Speaker 00:
Cryptographic authentication is only revealed with authenticated

[00:29:57] Speaker 00:
RPC in chapter 10, and that is not the CDC process.

[00:30:02] Speaker 00:
And I would note that in 2242, if you look at the actual examiner's decision, when they're talking about RPC, they're talking about whether the CDS performs RPC.

[00:30:12] Speaker 00:
So if there's any theory of integration, I think that has to be something that would be explored on remand.

[00:30:19] Speaker 00:
On whether or not you can rely just on the examiner's findings, I think that's not correct.

[00:30:24] Speaker 00:
This court is held.

[00:30:24] Speaker 00:
The board makes de novo findings.

[00:30:26] Speaker 00:
It's an appeal in the sense that it's limited to the record.

[00:30:30] Speaker 00:
But like under the Administrative Agency Act, it either has to incorporate those findings or make them themselves.

[00:30:36] Speaker 00:
There is no such finding with regard to the remote procedure call.

[00:30:40] Speaker 00:
And on the data sharing model that my brother alluded to, first of all, that's an argument for the board, not for this court.

[00:30:49] Speaker 00:
But I would point out that when they talk about, in general, that distributed computing is based on RPC, of course, it

[00:30:56] Speaker 00:
But it also says most DCE services use RPC.

[00:31:00] Speaker 00:
It doesn't say all of them.

[00:31:01] Speaker 00:
And it pointedly has a different procedure for CDS.

[00:31:06] Speaker 00:
And so for all these reasons, I think this court should remand on claim 5, 11, and 12.

[00:31:12] Speaker 00:
And then on claim 1, it should reverse for lack of substantial evidence.

[00:31:18] Speaker 00:
OK, thank you very much.