updates Meet the browser: Microsoft Edge Next

[George P]

Managing Microsoft Edge in the enterprise.

[George P]

Anyone check out Edge in the newest 14366 insider build?  I know there's that new Office Online extension for it, anything else?

[margrave]

I'm not using Edge until I can drag from the address bar to make a shortcut/link, and also drag links/shortcuts into the browser to open them.

[BooBerry]

6 hours ago, George P said:

Anyone check out Edge in the newest 14366 insider build?  I know there's that new Office Online extension for it, anything else?

Quote

Performance and security matter to everyone. Better page load performance improves the user’s experience and influences their choice over which web pages to use. At the same time, users just expect their browsing experience to be secure and private. With TCP Fast Open, TLS False Start, and TLS 1.3, we can improve both performance and security.

Today, we’re introducing support for TCP Fast Open in Microsoft Edge behind an about:flags setting in Windows Insider Preview builds, starting with EdgeHTML 14.14361 and higher. Try it out and let us know what you think!

The road to TLS 1.3

We trust the internet with our most important information, including financial data.  Ensuring the integrity and security of these transactions is critical to the entire community.  More than half of web connections use TLS for securing the network traffic on the web, and this number grows every day. This is great for security and privacy, but we would like to deploy encryption without slowing down the web. Modern encryption itself is very fast, but requires negotiating keys to establish a connection before fetching page resources.  Each extra exchange through the network delays the connection by one “round trip time” (RTT).

With current standards, connections requiring TLS over TCP require round trips to the server (3-RTT) to negotiate—1 for TCP and 2 for TLS—before starting sending something useful, like the first HTTP GET command. This gets even more problematic when sites split content across multiple domains.  In practice, adding encryption adds delays in the range of hundreds of milliseconds to the page load time. Research shows that even 250ms delay is enough for a user to consider trying another website.

The good news is that a new standard, TLS 1.3, will allow developers to eliminate that delay in most cases while still encrypting content. That means delivering better performance and security in Microsoft Edge, using modern encryption on top of the continually improved TCP stack. TLS 1.3 is working through the standardization track now, and the IETF expects to publish it this summer. But even without TLS 1.3, we can combine TCP Fast Open and the TLS False Start option, and reduce the delay from 3-RTT to 1-RTT. Even reducing your page load time by an average of 50 milliseconds will contribute to a better browsing experience.

Full handshake with TCP and TLS

The current TCP and TLS standards require 3 roundtrips to the server (3-RTT).  The first round trip is where we negotiate the TCP connection parameters. In the second roundtrip, the client and server exchange TLS messages starting with Client Hello and Server Hello to agree on parameters and keys of the connection. The last roundtrip includes the verification of the TLS handshake integrity through the Client and Server Finished messages.

Full Handshake – TLS 1.0, 1.1, 1.2

Achieving 1-RTT with TLS False Start and TCP Fast Open

The first improvement comes from the TLS False Start option, which allows the client to start sending encrypted data immediately after the first TLS roundtrip. With that, we are down to 1-RTT for TLS, or 2-RTT if we count the TCP connection. We have already enabled TLS False Start in Microsoft Edge, with a set of strong cipher suites.

TLS False Start – TLS 1.0, 1.1, 1.2

The next improvement comes from the TCP Fast Open procedure, defined in RFC 7413. The RFC defines a new TCP option, containing a “Fast Open Cookie.” When a “Fast Open capable” client connects to a server for the first time, it inserts an empty cookie in the initial TCP SYN message, prompting the server to send back a valid cookie in the response. For the subsequent connections, the client copies the cookie in the TCP SYN message, and then sends data immediately. If the server recognizes the data as valid, it will accept the data and pass them to the application. When TCP Fast Open is enabled, data can be sent before the connection complete, and the responses will arrive immediately. When we combine TCP Fast Open and TLS False Start, the key negotiation is performed simultaneously with the initial TCP handshake. There is just 1-RTT before the HTTP traffic starts.

TLS False Start with TCP Fast Open

What’s next: 0-RTT with TLS 1.3

TCP Fast Open is available behind an about:flags setting in Microsoft Edge in Windows Insider Preview builds 14352 and higher. You can manage the TCP Fast Open setting by navigating to about:flags in the address bar. TCP Fast Open is currently off by default in Microsoft Edge for “HTTPS” connections, but we may adjust this in future preview builds in order to get more telemetry data.

TCP Fast Open can be managed via about:flags in Microsoft Edge

The next stage in our journey is to move from 1-RTT to 0-RTT using TLS 1.3. It turns out that doing 0-RTT safely is quite tricky—all 0-RTT solutions require sending key material and encrypted data from the client without waiting for any feedback from the sender. At a minimum, that means that adversaries can capture and replay the messages, which implies that the feature has to be used with great care. In addition to that, there are many potential pitfalls, such as compromising privacy by carrying identifiers in clear text in the Hello message, or risking future compromise if the initial encryption depends on a server public key. The IETF working group is working through these issues now, and as they are resolved we expect to see adoption calls this summer and publication of the standard a few months later.

TLS 1.3 Session Resume combined with TCP Fast Open

We know performance and security matter to our users and we’re committed to delivering a 0-RTT experience in Microsoft Edge through HTTP 2.0, TLS 1.3, TCP Fast Open, and TLS False Start. We’re also going to continue to work with industry leaders and experts in the standards bodies to build an interoperable TLS 1.3 solution for the web. You can try TCP Fast Open and TLS False Start on Windows Insider Preview builds today

 

[BooBerry]

Bringing ChakraCore to Linux and OS X

[+Red King]

PSA,

Current version of uBlock for Edge makes certain pages become downloads instead of being loaded in the browser.

 

EDIT:

uBlock Issue - https://github.com/nikrolls/uBlock-Edge/issues/45

Edge Bug - https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/8796739/

[Boo Berry]

This is likely why uBlock Origin isn't visible on the Windows Store yet.

[George P]

This topic hasn't been updated in quite some time it seems, shame really as I use Edge along with Vivaldi on my systems.  The newest version, 42.17134.1.0 that comes with the April 2018 update is a very nice improvement over the one before.  Still, the only issue I keep having, at least on my desktop, doesn't happen on my laptop though, is on the front page of Neowin.  If I go into a FP post with lots of comments and try to replay the page UI will lock up, can't scroll up or down.   Edge itself keeps working fine, I'm just forced to reload the page.   Only on posts with 20-30+ comments, when it's only a handful it doesn't happen.  Also it doesn't happen on my laptop, but that could also be because I don't open anywhere near the number of tabs on that compared to my desktop, so that could come into play.

[+Zlip792]

17 hours ago, George P said:

This topic hasn't been updated in quite some time it seems, shame really as I use Edge along with Vivaldi on my systems.  The newest version, 42.17134.1.0 that comes with the April 2018 update is a very nice improvement over the one before.  Still, the only issue I keep having, at least on my desktop, doesn't happen on my laptop though, is on the front page of Neowin.  If I go into a FP post with lots of comments and try to replay the page UI will lock up, can't scroll up or down.   Edge itself keeps working fine, I'm just forced to reload the page.   Only on posts with 20-30+ comments, when it's only a handful it doesn't happen.  Also it doesn't happen on my laptop, but that could also be because I don't open anywhere near the number of tabs on that compared to my desktop, so that could come into play.

This issue was already discussed somewhere on this forum or else.

 

It is due to adblocking extension in Edge. I would recommend that you try after disable and try it.

[George P]

2 hours ago, Zlip792 said:

This issue was already discussed somewhere on this forum or else.

 

It is due to adblocking extension in Edge. I would recommend that you try after disable and try it.

That's what I thought as well, but I only have lastpass installed.   Maybe after the uninstall I'll have to restart edge though, which I didn't do yet, and see how it goes.

[George P]

Ok, just tried after a restart, no adblockers installed, still locks up for me.  Just weird I guess.

[+Zlip792]

42 minutes ago, George P said:

That's what I thought as well, but I only have lastpass installed.   Maybe after the uninstall I'll have to restart edge though, which I didn't do yet, and see how it goes.

Can you check, which about:flags are enabled?

 

Further, you can unlock more settings in the about:flags by pressing "Ctrl+Shift+D" and ensure that it is configured to 'Release'. For testing, try with 'Canary' as well.

 

Link - https://www.askvg.com/windows-10-tip-enable-hidden-diagnostics-options-on-about-flags-page-in-microsoft-edge/

[George P]

16 minutes ago, Zlip792 said:

Can you check, which about:flags are enabled?

 

Further, you can unlock more settings in the about:flags by pressing "Ctrl+Shift+D" and ensure that it is configured to 'Release'. For testing, try with 'Canary' as well.

 

Link - https://www.askvg.com/windows-10-tip-enable-hidden-diagnostics-options-on-about-flags-page-in-microsoft-edge/

Ok, let me check those and list them, or at least compare them to the settings in Edge on my laptop which doesn't seem to have this issue.  I'll report back.

[+Zlip792]

6 minutes ago, George P said:

Ok, let me check those and list them, or at least compare them to the settings in Edge on my laptop which doesn't seem to have this issue.  I'll report back.

Further, can you give me following information?

 

- Front Page reproducible link?

- Antivirus (if different on both - whether HTTPS inspection is enabled or not)

- Addons on both?

- GPU and driver version?

 

Most probable culprit from my perspective could be GPU or HTTPS inspection. If you share the link, I will try to reproduce on my work laptop and see. (Don't have access to any other system - since I am out for project in another country since August 2017). ??

[George P]

2 minutes ago, Zlip792 said:

Further, can you give me following information?

 

- Front Page reproducible link?

- Antivirus (if different on both - whether HTTPS inspection is enabled or not)

- Addons on both?

- GPU and driver version?

 

Most probable culprit from my perspective could be GPU or HTTPS inspection. If you share the link, I will try to reproduce on my work laptop and see. (Don't have access to any other system - since I am out for project in another country since August 2017). ??

Ok, I figured out what the issue is exactly and it might be a bug specific to neowin because I haven't had this happen on other sites.   On my desktop I use a default zoom level of 150%, helps me with reading text, on neowin if I use a lower zoom level, like the default 100% or 125%, no front page lock, page works fine.  Once I raise it to 150% and try to reply to a post on FP, it'll lock.  So maybe it's the zooming/scaling side + my older gfx drivers?   I figure for now I can just reduce the zoom level to 125% on the front page if I have to to work around it.

[+Zlip792]

1 hour ago, George P said:

Ok, I figured out what the issue is exactly and it might be a bug specific to neowin because I haven't had this happen on other sites.   On my desktop I use a default zoom level of 150%, helps me with reading text, on neowin if I use a lower zoom level, like the default 100% or 125%, no front page lock, page works fine.  Once I raise it to 150% and try to reply to a post on FP, it'll lock.  So maybe it's the zooming/scaling side + my older gfx drivers?   I figure for now I can just reduce the zoom level to 125% on the front page if I have to to work around it.

It is more likely related to Edge - Paint or Layout performance issue + Old GFX driver issue.

 

I will recommend you to update the GFX drivers to get smooth experience and optimal performance.

[George P]

4 minutes ago, Zlip792 said:

It is more likely related to Edge - Paint or Layout performance issue + Old GFX driver issue.

 

I will recommend you to update the GFX drivers to get smooth experience and optimal performance.

Yeah, I'll upgrade drivers and see how it goes.  Thanks for helping out. 

[George P]

So since the new chromium based Edge is still Edge I suppose we don't need a whole new topic for it.  

 

Anyways, I'm on Canary and the version was just bumped up to 75.0.124.0 for those who are keeping track.

[Chicane-UK]

Been using the dev Edge for a week or two now and am actually really pleased with it.. seems very fast and free of "cruft". To be honest if I could have imagined a perfect browser it would have been Chrome based but without all of Google's bolt-in's so I guess it's perfect for me. Also rather awesome that it'll be coming to macOS as I use that too so... will be able to keep both browsers sync'd up in terms of bookmarks, settings, etc

[Brandon H]

I hope they change their mind on Linux support at some point as I still say that's a huge missed opportunity. If they don't want to upkeep multiple Linux repositories they could package it as a SNAP app or something.

[George P]

3 hours ago, Brandon H said:

I hope they change their mind on Linux support at some point as I still say that's a huge missed opportunity. If they don't want to upkeep multiple Linux repositories they could package it as a SNAP app or something.

Have they officially said no Linux version ever?  Or just that it's not in the plan right now?  Because I can see them releasing one later, maybe going off of the macOS version which is probably a good starting point code wise compared to the Windows version.   They'll have to add more features before they should expand it to more platforms.

 

Speaking of which, anyone on the newest Canary build?  76.0.141.0?   My youtube kb controls are borked with this version it seems.  I used to be able to use the arrow keys for volume and skip forward, back.  Now volume works, sometimes, but hitting the right arrow doesn't skip the video ahead anymore.  It's so annoying right now.

 

*edit* Well, heck, right after I posted this I checked for a newer build and am now on 76.0.144.0 and it's working again.  

[Brandon H]

8 minutes ago, George P said:

Have they officially said no Linux version ever? 

not specifically but announced support is only as follows:

 

WIndows 7/8.1/10

MacOS - coming soon

 

and Android/iOS mobile apps are being updated to make syncing compatible but not much else at this time

[Chicane-UK]

6 hours ago, Brandon H said:

I hope they change their mind on Linux support at some point as I still say that's a huge missed opportunity. If they don't want to upkeep multiple Linux repositories they could package it as a SNAP app or something.

 

Agreed... it'd be pretty awesome on Linux. They're already doing other products for Linux (e.g. Visual Studio Code) - doesn't seem like a browser based on something already available on Linux would be such a massive stretch. 

[George P]

There are some reports that the newest canary build has working spell check for some.  It's still not working for me, anyone have it working for them?

[PsYcHoKiLLa]

14 hours ago, George P said:

Have they officially said no Linux version ever?  Or just that it's not in the plan right now?  Because I can see them releasing one later, maybe going off of the macOS version which is probably a good starting point code wise compared to the Windows version.   They'll have to add more features before they should expand it to more platforms.

 

Speaking of which, anyone on the newest Canary build?  76.0.141.0?   My youtube kb controls are borked with this version it seems.  I used to be able to use the arrow keys for volume and skip forward, back.  Now volume works, sometimes, but hitting the right arrow doesn't skip the video ahead anymore.  It's so annoying right now.

 

*edit* Well, heck, right after I posted this I checked for a newer build and am now on 76.0.144.0 and it's working again.  

 

Yeah I noticed the cursor keys issue too, reported it using the tool. On mine, pressing the cursor keys throws the cursor into the address bar, especially annoying when you are navigating a comment you are creating and forget.