A readable name for each HSI level

[smallorange]

Hi Folks,

Currently, HSI only has a numerical level, such as HSI 0~1 and each number represents a security state from insecure to secure. If we only show the number to the user, the user may confuse and try to find the document to realize the meaning of the number or just ignore them immediately. So, a readable name for each HSI level can catch users' eyes and let them explicitly know the security status.

My plan is shown below.

• HSI 0
  Insecure state
  No firmware protection.
• HSI 1
  Critical state
  Basic protection but any failure would lead to a critical security impact.
• HSI 2
  Risky state
  The failure is only happened by the theoretical attack in the lab.
• HSI 3
  Protected state
  The system firmware only has few minor issues which do not affect the security status.
• HSI 4
  Secure state
  Absolut secure.

Does anyone have a better idea for their name?

Thank you

Kate

[superm1]

I don't like 0 mapping to no protection. It just means that some protections are missing.

[hughsie]

s/no/minimal?

@smallorange do you want to do a pull request with some of these changes and we can see how the new terms "sit" in the existing document? It might be better to see things in context, so to speak. I do agree that we don't want to show things like "HSI-1" in the various UIs that Allan is planning.

[superm1]

I'd say "limited" rather than minimal.

[smallorange]

"Limited" would be good, I think.

Sure, I'll prepare the document.

Thank you:)