From 91dc5f5bfec4cf8ab15c57026019475693eb2fda Mon Sep 17 00:00:00 2001
From: onefang
Date: Thu, 26 Dec 2019 17:34:48 +1000
Subject: Complete the explanations.html text.

---
 explanations.html | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)

(limited to 'explanations.html')
diff --git a/explanations.html b/explanations.html
index f48acc1..a101a08 100644
--- a/explanations.html
+++ b/explanations.html
@@ -13,11 +13,24 @@ so that the results page can link to the various parts for the curious.<p>
 <p>The FTP tests have not been written yet.</p>
 
 <hr><h1 id="HTTP">HTTP tests</h1>
-<p>
+<p>There are two styles of HTTP tests - actual HTTP downloads and HTTP HEAD tests.  &nbsp;
+Actual downloads happen when other tests need the files to be downloaded. &nbsp;
+HEAD tests are where apt-panopticon probes things in detail. &nbsp;
+For each mirror (including the DNS round robin domain), and for each IP of that mirror -
 </p>
+<ul>
+<li>Chose a small collection of package files to test, and the Release files for each release.</li>
+<li>Send a HTTP HEAD request for each of those files.</li>
+<li>Carefully inspect and log the response.</li>
+<li>Retry the request if needed, and log that.</li>
+<li>If a redirect loop is detected, log that and give up.</li>
+<li>If the mirror replies with a redirect to the same mirror, then try that and keep checking.</li>
+<li>If the mirror replies with a redirect to a different server, then probe that mirror the same way.</li>
+</ul>
 
 <hr><h1 id="HTTPS">HTTPS tests</h1>
-<p>
+<p>The HTTPS tests are very similar to the HTTP tests detailed above, though obviously they are tried with HTTPS requests intead of HTTP requests. &nbsp;
+The validity of the HTTPS certificate for each server is tested as well.
 </p>
 
 <hr><h1 id="RSYNC">rsync tests</h1>
@@ -38,15 +51,20 @@ Servers in the DNS round robin will not have the HTTPS certificate for the round
 
 <hr><h1 id="URL-Sanity">URL sanity tests</h1>
 <p>The URL sanity test replaces "/" in URLS with "///", to see if the mirror can cope with that. &nbsp;
-This might happen due to a mis configuration by the apt user, but decent web servers should cope with that. &nbsp;
+This might happen due to a minor mis-configuration by the apt user, but decent web servers should cope with that. &nbsp;
 The result for a mirror that does not cope is a failed download for that use, so this is an error.
 </p>
 
 <hr><h1 id="Integrity">Integrity tests</h1>
-<p></p>
+<p>Actually download files, then check things like PGP keys, SHA256 check sums, and file size. &nbsp;
+For actual packages, pick the smallest one that has been recently updated.
+</p>
 
 <hr><h1 id="Updated">Updated tests</h1>
-<p></p>
+<p>Make sure the Release files are up to date by checking their internal "Date" field. &nbsp;
+If they are up to date, download and check updated Packages.xz files, and actual packages. &nbsp;
+For actual packages, pick the smallest one that has been recently updated.
+</p>
 
 <hr><h1 id="Speed">Speed test</h1>
 <p>The speed test tries to guess at a minimum and maximum speed range for each mirror. &nbsp;
-- 
cgit v1.1

