[th/utils-security-valid]

I find nm_utils_security_valid() complicated.

It inherently is complicated, because various conditions are checked (in slightly different forms).

I think this could be easier to read by structuring the checks differently. Do that.