New features come to boost security and reduce latency

Jun 16, 2016 13:02 GMT  ·  By
Edge to get support for TLS 1.3, TLS False Start, and TCP Fast Open

Microsoft has announced a few upcoming changes in the way Edge handles encrypted and unencrypted traffic, which will speed up connection setup times and result in lower network latency.

These changes will arrive in Edge via Windows Insider Preview builds and will be added to the Edge core, the EdgeHTML engine, with version 14.14361 and higher.

Edge adds TLS 1.3 support, latest TLS protocol version

The first of these new features is TLS 1.3, the latest version of the TLS (Transport Layer Security) protocol. TLS 1.3 was announced last January, when it became an official draft with the IETF (Internet Engineering Task Force), and it is expected to launch this summer.

TLS 1.3 is a mere upgrade to the Web's most popular traffic encryption mechanism, and it's nice to see Microsoft commit to keeping the browser's protocol stack up to date with the latest advancements in this sector.

Unfortunately, every TLS connection requires three roundtrips between the client and the server before it is established: two for establishing the TLS connection and one for the underlying TCP connection. This is where TLS False Start and TCP Fast Open can help.

TLS False Start and TCP Fast Open will speed up HTTPS connections

TLS False Start is an extension to the TLS protocol that allows connections to start sending encrypted data after the first TLS client-server roundtrip. This cuts down one of the two TLS roundtrips.

TCP Fast Open is an extension to the TCP protocol that uses a cryptographic cookie stored on the client to authenticate subsequent connections to a server. This allows future TCP connections to drop the required TCP roundtrip.

Combining TLS False Start and TCP Fast Open allows Edge to start TLS connections in one single roundtrip, cutting down the time needed to start an HTTPS connection.
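The cookie exchange behind TCP Fast Open, as a toy model added here for illustration; it is not Microsoft's or Edge's code. The class names, the HMAC-SHA256 cookie construction, and the sample addresses are assumptions.

```python
import hashlib
import hmac
import ipaddress
import os

COOKIE_LEN = 8  # bytes; RFC 7413 allows 4 to 16


class TfoServer:
    """Toy model of the server side of TCP Fast Open (not a real TCP stack)."""

    def __init__(self):
        self._key = os.urandom(32)  # server secret, never sent to clients

    def _cookie(self, client_ip):
        # Bind the cookie to the client's address so it is useless elsewhere.
        # Assumption: HMAC-SHA256 stands in for the server's keyed function.
        packed = ipaddress.ip_address(client_ip).packed
        return hmac.new(self._key, packed, hashlib.sha256).digest()[:COOKIE_LEN]

    def on_syn(self, client_ip, cookie=None):
        """Return (syn_data_accepted, cookie_issued_to_client)."""
        expected = self._cookie(client_ip)
        if cookie is not None and hmac.compare_digest(cookie, expected):
            return True, None  # SYN data goes straight to the application
        # Missing or invalid cookie: fall back to the normal handshake,
        # ignore any SYN data, and issue a cookie for the next connection.
        return False, expected


class TfoClient:
    def __init__(self, ip):
        self.ip = ip
        self.cache = {}  # server name -> cookie stored on the client

    def connect(self, name, server):
        """Return the TCP roundtrips spent before request data is delivered."""
        accepted, issued = server.on_syn(self.ip, self.cache.get(name))
        if issued is not None:
            self.cache[name] = issued
        return 0 if accepted else 1


def demo():
    server = TfoServer()
    client = TfoClient("192.0.2.10")  # constructed documentation address
    first = client.connect("example.test", server)   # no cookie yet
    second = client.connect("example.test", server)  # cached cookie presented
    # A cookie replayed from a different source address must be rejected.
    spoofed, _ = server.on_syn("198.51.100.7", client.cache["example.test"])
    return first, second, spoofed
```

Because the cookie is tied to the client address, a cookie captured from one client does not let a sender at another address have its SYN data processed.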

"We have already enabled TLS False Start in Microsoft Edge, with a set of strong cipher suites," Microsoft engineer Christian Huitema explains, meaning users won't have to do anything on their side.

To enable TCP Fast Open, users have to navigate to the about:flags page, search for the Networking section, and check the option "Enable TCP Fast Open."

As mentioned above, you'll need to use Microsoft Edge with the Windows Insider Preview builds 14352 and higher.

Benefits of using TCP Fast Open and TLS False Start
