On Thu, Dec 12, 2013 at 8:42 AM, coderman <coderman@gmail.com> wrote:
IVB already shipped in 2012... only server Ivy Bridge: Xeon E3 in mid-2012.
this does bring up an interesting point: while it may be more efficient to use the same "key" for the DRBG output across all processor lines, it would be more secure to use a different key per line. this implies that each iteration of Sandy Bridge -> Ivy Bridge -> Haswell needs to be "enabled" by CCP, with Xeon E5 debut in 2013 as discussed. for Sandy Bridge, this would have shown in 2010? and unless in network equipment described simply as "enabling decryption for Sandy Bridge used by $operating systems and $applications." sadly we'll have to wait a while to confirm this conjecture for Haswell. and we'll have to wait forever for more leaks apparently, as the continuing decline of details demonstrates... best regards,