The Librem 5 is supposed to, hopefully, get the Free Software Foundation (FSF) Respects Your Freedom (RYF) certification. https://ryf.fsf.org/
There are different opinions about the FSF RYF certification criteria, some people think they are silly while others think they are reasonable.
I think this issue is interesting and important, but it’s also a bit difficult to understand. Below is my attempt at describing this, please help out by commenting in case you know better.
The tricky part is how the RYF certification handles the “necessary evil” of proprietary software running in some part of a device. The RYF certification criteria, as far as I understand it, mean that there can be proprietary software running on the device provided that it can be considered as “part of the hardware”. An example could be a harddrive that internally runs some proprietary software (firmware) that runs on a separate processor inside the harddrive itself. We can imagine connecting such a harddrive to our device and using it without caring or even knowing about the existence of that firmware, it is just considered part of the hardware component (the harddrive).
Often, when there is firmware running inside some piece of hardware, there is also some way of updating that firmware. Probably all free software enthusiasts will agree that it is best if the firmware is free software, then we can modify it and update it as we want and everyone is happy. However, in some cases the firmware is proprietary closed-source software and in that case the FSF RYF certification criteria imply that the device must not allow the user to update that firmware. This, I think, is the basis of most of the criticism of the FSF RYF certification. It means that as a manufacturer of a device, if you want to get the RYF certification, you must restrict the device in that way, effectively making it so that the user of the device has fewer options. (As @lperkins2 wrote here Another price increase? Change: Librem 5 fighting about if open source it can in this way be seen as a “restricts your freedom” certification.)
While the above argument against the RYF certification criteria is clear, I would still like to defend the RYF certification. The purpose of the certification is to create incentives for people to use free software more, for everything. In this view, using proprietary software is bad and to the extent that it is necessary it makes sense to make it difficult. Having a device that does not allow updating some firmware is bad, yes, but the proper solution is to build the device using components that use only free software, then the problem goes away. So, having the RYF certification made this way creates more incentives to create components that use only free software. If updating proprietary firmware was allowed by the certification, then there would be less pressure towards creating fully free devices in the future.
Another aspect of this is that the way the RYF certification is done means that for a RYF-certified device we can package all software for it and say that “look, here is the complete software for the device and all of it is free!” That is how it works for the Librem 5, I think, and that is a difference compared to the PinePhone where the software you install includes some proprietary binary blobs. Although you can argue that those blobs are only sent to separate pieces of hardware and never executed by the main CPU, you are still dealing with proprietary blobs.
Perhaps this in the end boils down to a similar question as the “copyleft” GPL vs MIT-style open-source licenses. You can say that GPL is “less free” in some respects, but it promotes free software more strongly and in that way helps build a better world. See https://drewdevault.com/2019/06/13/My-journey-from-MIT-to-GPL.html
What do you think about all this? Is the issue described properly above, did I miss something important, did I even misunderstand everything from the beginning?