Sounds like a good idea in general, but I think the categories might need some more tweaking. I guess we all have different favorites that we care about here (e.g. I'm partial to most ARM platforms), we should have a balanced discussion about what should be weighted more than what and why to make sure the categories end up fair to all platforms.

For example, it seems like you're trying to slot RK3288 as "bronze", which I'd say is argueably the most free platform coreboot supports right now. I assume your rating comes from the external board components requiring proprietary firmware in this case. So a few points to start discussion:

- Is it fair to make external board components weigh more heavily than processor internals? I think at least external board components that are not essential (e.g. anything but keyboard, pointing device, display, network, maybe audio) or can be replaced with other components (e.g. USB can replace almost everything) should have the least impact on freedom level. In particular, it's not really fair to punish a board for including an optional non-free component that other boards don't have at all (like a laptop with a WiFi chip which essentially always require proprietary firmware vs. a desktop board that has nothing but empty PCIe slots).

- Anything required on the processor (e.g. microcode) should always weigh more heavily than external components. Disabling an external component (even something like keyboard/display) still leaves the system somewhat functional, whereas you can never disable the processor. Since microcode can essentially do anything I think it should always give a harsh rating unless it's feasible to run the board with the ROM-internal version.

- Why are you making an exception for the EC, of all things? The EC is usually the keyboard controller which is one of the most highly sensitive things there are. I think a proprietary keyboard controller should definitely be counted worse than a proprietary WiFi chip, for example (because they WiFi chip cannot sniff into your HTTPS stream, but the keyboard controller can totally read the password you typed).

So as a quick brainstorming, I'd rather suggest a ranking roughly like this to fairly reflect the risk the user is exposed to:

A. Everything free. B. Non-essential component (e.g. GPS sensor) requiring proprietary firmware. C. Network component (e.g. WiFi) requiring proprietary firmware if it can be bypassed (e.g. USB, expansion card). D. Input/output-sniffing component (pointing device, keyboard, display, audio) requiring proprietary firmware if it can be bypassed, or CPU requiring microcode if it can be bypassed (e.g. just using factory ROM code). E. CPU or equivalently privileged processor requiring non-resident proprietary boot firmware. F. Network component requiring proprietary firmware that cannot be bypassed (e.g. no USB ports). G. Input/output-sniffing component requiring proprietary firmware that cannot be bypassed, or CPU requiring microcode that cannot be bypassed. H. CPU or equivalently privileged processor requiring resident proprietary firmware (e.g. Intel ME, Qualcomm TrustZone).