checkpoint

docs/outcome.md

@@ -79,12 +79,12 @@ Mismatch Errors are used when the connection is successful, but the content rece
 | status_mismatch         | The HTTP status code didn't match, eg. `403` instead of `200` |
 | body_mismatch           | The HTTP body didn't match, potentially a blockpage |
 | tls_mismatch            | An element of the TLS connection (certificate, cipher suite, or TLS version) didn't match |
-| blockpage               | The response was unexpected and matched a [known blockpage]((https://github.com/censoredplanet/censoredplanet-analysis/blob/master/pipeline/metadata/data/blockpage_signatures.json)) |
+| blockpage               | The response was unexpected and matched a [known blockpage](https://github.com/censoredplanet/censoredplanet-analysis/blob/master/pipeline/metadata/data/blockpage_signatures.json) |
 | trusted_host            | The response didn't match the expected response for the template. But it did match a common known server pattern, and is likely not censorship. This outcome is used for CDNs that respond in network-specific ways to domains they host. |
 
 ## DNS Outcomes
 
-The Satellite data uses its own unique set of outcomes, and does not use stages. The outcomes are based on DNS and POSIX TCP/IP socket return codes.
+The Satellite data uses its own unique set of outcomes, and does not use stages. The outcomes are based on DNS errors and POSIX TCP/IP socket return codes.
 
 | Outcome                | Additional Outcome Information | Explanation |
 | ---------------------- | ---------------------- | ----------- |
@@ -93,15 +93,15 @@ The Satellite data uses its own unique set of outcomes, and does not use stages.
 | ❗️ip.invalid           | One of `:zero`, `:local_host`, `:local_net` | The DNS request returned an IP that could never be valid. eg. `0.0.0.0`, `127.0.0.1` `10.10.0.0`, `172.16.0.0 |
 | ❗️ip.empty             |  | The DNS request returned an empty response |
 | ✅tls.validcert        |  | An HTTPS connection to a returned IP address returned a valid certificate which matched the expected domain |
-| ❗️tls.connerror        | `:<returned_ip_autonymous_system_name` eg `:ROSTELCOM` or `:AS<as_number` eg `:15169` or `:missing_as_info` | Attempting to connect to all returned IP addresses failed |
-| ❗️tls.baddomain        | `:<certificate_common_domain_name>` eg. `:` | An HTTPS connection to a returned IP returned a certificate for an unexpected domain. Could indicate a MITM attempt |
-| ❗️tls.badca            | `:<certificate_authority_issuer_name` eg. `:` | An HTTPS connection to a returned IP returned an invalid certificate |
-| ❗️http.blockpage       | `:<blockpage_id>` eg. `` | An HTTPS request to the returned IP address failed, but an HTTP request returned a [known blockpage](((https://github.com/censoredplanet/censoredplanet-analysis/blob/master/pipeline/metadata/data/blockpage_signatures.json))) |
-| ❗️dns.connrefused      |  | The DNS connection was refused |
-| ❗️dns.error            | `:<rcode_error_string>` eg. `:NXDomain` | The DNS request returned an [RCode]((https://datatracker.ietf.org/doc/html/rfc5395#section-2.3)) error |
-| ❗️dns.msgsize          |  | The DNS connection was refused |
+| ❗️tls.connerror        | `:<returned_ip_autonymous_system_name>` eg `:ERTELECOM_DS_AS` </br> or `:AS<as_number>` eg `:15169` </br> or `:missing_as_info` | Attempting to connect to all returned IP addresses failed |
+| ❗️tls.baddomain        | `:<certificate_common_domain_name>` eg. `:dnsfilter.net` | An HTTPS connection to a returned IP returned a certificate for an unexpected domain. Could indicate a MITM attempt |
+| ❗️tls.badca            | `:<certificate_authority_issuer_name>` eg. `:Fortiguard SDNS Blocked Page` | An HTTPS connection to a returned IP returned an invalid certificate. Could indicate a MITM attempt |
+| ❗️http.blockpage       | `:<blockpage_id>` eg. `:f_gen_id_1_satellite` | An HTTPS request to the returned IP address failed, but an HTTP request returned a [known blockpage](https://github.com/censoredplanet/censoredplanet-analysis/blob/master/pipeline/metadata/data/blockpage_signatures.json) |
+| ❗️dns.connrefused      |  | The DNS request was refused |
+| ❗️dns.error            | `:<rcode_error_string>` eg. `:NXDomain` | The DNS request returned an [RCode](https://datatracker.ietf.org/doc/html/rfc5395#section-2.3) error |
 | ❗️dns.timedout         |  | The DNS request timed out |
+| ❗️dns.msgsize          |  | The DNS request returned a message size error |
 | ❗️dns.protocol_error   |  | The DNS request failed with a protocol error |
-| ❗️unknown_error        |  | An unknown error occured |
-| ❔dns.hostunreach      |  | The IP address returned from the DNS request was unreachable |
-| ❔setup.system_failure |  | There was a test system failure, rendering the test invalid |
+| ❔dns.hostunreach      |  | The DNS resolver was unreachable |
+| ❔setup.system_failure |  | There was a test system failure, rendering the test invalid |
+| ❗️unknown_error        |  | An unknown error occured |