The actual text of the RYF certification requirements says that it can’t be intended by the device manufacturer for the final owner to update the firmware. An important note is that the RYF certification predates the modern all-in-one SoCs for phones, and was aimed more at laptops than at phones. The primary “black box” devices with firmware stored in a second place and not using the CPU would be the hard drives, or the fairly sophisticated firmware in a Blu-ray drive. The expectation, as set forth in the RYF text, is that the whole integrated device (the laptop, phone, et cetera) will work to specification at time of release without the user having to directly deal with closed-source firmware.
The rationale is that the particular bit pattern which constitutes the firmware is relatively fixed, and so is essentially hardware. Of course, just like the company need not glue the case shut to prevent the end user from using a shunt mod to overclock the GPU, they similarly don’t have to clip off the JTAG pins to prevent the user from rearranging those bits however they like. They just must not expect the user to do so (or have software on the machine to do it for the user automatically) in order to have a correctly functioning machine.
Of course, that’s just what the RYF text says, I can’t speak to what the current leadership of the FSF or Purism will claim, which is what’s going to actually matter here.
Oh, as for the “at time of release” part: just as if it were discovered that the wrong resistor was used in a current-sensing circuit, a flaw discovered in the firmware wouldn’t invalidate the RYF certification. The RYF certification would, however, require Purism to treat it as a hardware bug, which means offering RMAs to anyone who wants to ship it back for Purism to do the firmware update, same as if there were some other hardware defect. Just like with hardware defects, though, they could offer the option of doing the “repair” yourself, without voiding your warranty.