Mangrove Partners Master Fund Ltd v. VirnetX Inc

1. Case Identification

• Case #: IPR2015-01047
• Patent #: 7,490,151
• Petitioner(s): The Mangrove Partners Master Fund, Ltd.
• Patent Owner(s): VirnetX Inc.
• Challenged Claims: 1, 2, 6-8, and 12-14

2. Patent Overview

• Title: System and Method for Secure Communication Over a Network
• Brief Description: The ’151 patent describes a system for establishing secure internet communications. The core technology involves a domain name server (DNS) proxy that transparently creates a virtual private network by intercepting a client’s DNS request, determining if the request corresponds to a secure server, and automatically initiating an encrypted channel if it does.

3. Grounds for Unpatentability

Ground 1: Anticipation over Kiuchi - Claims 1, 2, 6-8, and 12-14 are anticipated by Kiuchi under 35 U.S.C. §102.

• Prior Art Relied Upon: Kiuchi (a 1996 IEEE publication describing "C-HTTP," a secure, closed HTTP-based network protocol).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Kiuchi discloses every element of the challenged claims. Kiuchi’s system utilizes a client-side proxy and a C-HTTP name server that function in concert as the claimed "DNS proxy module." This module intercepts a user agent's URL request, which Petitioner asserted constitutes a "DNS request." The module "determines" if the request corresponds to a "secure server" by having the client-side proxy query the C-HTTP name server to verify if the requested host is registered in its closed network. If the C-HTTP server returns an error (indicating a non-secure server), the client-side proxy forwards the request to a standard public DNS, meeting that claim limitation. If the server confirms a secure destination, it returns the IP address and public key of a server-side proxy, which the client-side proxy then uses to "automatically initiate an encrypted channel" (the C-HTTP connection) to the secure server.
  • Key Aspects: Petitioner contended Kiuchi's disclosure also met the limitations of dependent claims, including determining client authorization (a function of the C-HTTP name server) and avoiding sending the secure server's true IP address to the client (the client only receives the IP address of the server-side proxy).

Ground 2: Obviousness over Kiuchi and Rescorla - Claims 1, 2, 6-8, and 12-14 are obvious over Kiuchi in view of Rescorla.

• Prior Art Relied Upon: Kiuchi and Rescorla (a 1996 Internet Draft on the Secure HTTP protocol, S-HTTP).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground was presented as an alternative in case the Patent Owner successfully argued that the encrypted channel in Kiuchi is not a true "end-to-end" channel "between" the client and the secure server. Rescorla teaches implementing S-HTTP for confidential, end-to-end secure transactions between an HTTP client-server pair.
  • Motivation to Combine: A POSITA would combine Kiuchi with Rescorla because Kiuchi itself suggests that its C-HTTP protocol can co-exist with other secure HTTP protocols to provide layered security (both institutional-level via firewall proxies and personal-level via end-to-end encryption). Kiuchi expressly references an earlier version of the Rescorla draft, making the combination particularly foreseeable. The combined system would use Rescorla's S-HTTP for communication between the user agent and origin server, creating a fully end-to-end encrypted channel within Kiuchi's proxy framework.
  • Expectation of Success: A POSITA would have had a high expectation of success, as both systems were based on standard HTTP protocols and designed with interoperability in mind.

Ground 3: Obviousness over Kiuchi and RFC 1034 - Claims 1, 2, 6-8, and 12-14 are obvious over Kiuchi in view of RFC 1034.

• Prior Art Relied Upon: Kiuchi and RFC 1034 (a 1987 IETF publication detailing fundamental DNS concepts).

• Core Argument for this Ground:

  • Prior Art Mapping: This ground was asserted to counter potential arguments that the "wrong" network entity in Kiuchi's architecture performs certain claimed steps. Kiuchi's system uses an "iterative" DNS lookup for non-secure sites (the client-side proxy must query a public DNS itself after the C-HTTP server returns an error). RFC 1034 explicitly teaches the alternative "recursive" approach, where the first server queried (Kiuchi's C-HTTP name server) would pursue the full query on the client's behalf, including contacting the public DNS directly.
  • Motivation to Combine: A POSITA would modify Kiuchi's iterative system using the well-known recursive approach from RFC 1034 to streamline the system's operation and simplify the process for the client, a stated benefit in RFC 1034. This modification would consolidate the DNS lookup logic for both secure and non-secure servers into the C-HTTP name server, preempting arguments about the distribution of tasks.
  • Expectation of Success: Modifying DNS resolution behavior was a straightforward and well-understood design choice for a POSITA at the time, with clear guidance provided by RFC 1034.

• Additional Grounds: Petitioner asserted an additional obviousness challenge based on the combination of Kiuchi, RFC 1034, and Rescorla to address all potential narrow claim interpretations simultaneously.

4. Key Claim Construction Positions

• "Determining": Petitioner argued for the plain and ordinary meaning ("to come to a decision"), contending that the claimed DNS proxy module can perform this step by querying a separate entity (like the C-HTTP name server in Kiuchi). This interpretation is allegedly consistent with the patent’s own specification, which shows a DNS proxy querying a separate gatekeeper.
• "Secure Server": Petitioner asserted the term should be construed broadly as "a server that communicates over a transmission path that restricts access." This construction rejects the Patent Owner's anticipated narrower proposal that requires communication must occur in an "encrypted channel."
• "Automatically": Petitioner argued for the term’s ordinary meaning ("marked by action that arises as a...consequence of a given set of circumstances"), rejecting the Patent Owner's anticipated limitation that the action must be performed "without user involvement."

5. Relief Requested

• Petitioner requests institution of an inter partes review and cancellation of claims 1, 2, 6-8, and 12-14 of Patent 7,490,151 as unpatentable.