> I don’t even see how a future MKTME v2 would be useful for DRM.
Intel already tried that with SGX. (Intel's documentation for SGX was all about creating a "Trusted Computing" environment, using the old Palladium/NGSCB DRM-sense of "trusted".
The difference is that SGX was explicitly designed to protect memory/execution from kernel access, and TME doesn’t have such a facility or any path I can see towards becoming one.
That's great, iff you have root-level access.
> I don’t even see how a future MKTME v2 would be useful for DRM.
Intel already tried that with SGX. (Intel's documentation for SGX was all about creating a "Trusted Computing" environment, using the old Palladium/NGSCB DRM-sense of "trusted".