Category: Tech Insight


MIDAS and Internet Explorer 11

Here are MIDAS HQ we love getting feedback from our customers! Whether positive or critical, all feedback is important to us as it helps us to continually develop and improve our MIDAS room booking & resource scheduling software and service to make it the best it can be!

Our customer feedback is overwhelmingly positive, and you can read some of these comments on our website and also on independent review sites such as TrustPilot.

However, in recent times a handful of customers have commented specifically in relation to the user interface (UI) of MIDAS, which a few perceive as now a little “dated”.

We wanted to begin addressing this for our next MIDAS update, v4.20, and so we’ve introduced a number of changes and improvements in this area which you can read about in the following blog post.

However, we also thought it would be useful to explain some of the challenges we’ve faced with regards to the UI over the years.

As you may or may not know, MIDAS has been in continuous active development for well over a decade, and our philosophy has always been to support ALL popular web browsers (Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Apple Safari, and more recently Microsoft Edge).

Room Booking System for Chrome, Firefox, Safari, Opera, and Edge This has been an enormous task over the years, but we feel strongly that our users should have a choice of which web browser they use, with a consistent MIDAS experience between browsers, and not be forced to use one particular browser in order to be able to access and use our MIDAS software.

It’s fair to say that the most difficult web browser to maintain support for over the years continues to be Microsoft’s Internet Explorer series, primarily because it has always lagged way behind all other vendor’s browser offerings in terms of its development, updates, and support for the latest standards (the web has developed and evolved significantly over the years we’ve been developing MIDAS, and Internet Explorer doesn’t keep up!).

To some extent we’ve been “held back” over the years by our decision to continue to support customers who force their uses to use Internet Explorer, however, as of today the only version of Internet Explorer we officially support is 11, having deprecated support for IE10 & 9, IE8, IE7, and IE6 over the past decade.

MIDAS and Internet Explorer 11 Continuing to support MIDAS in IE11 for the very small (and ever decreasing) percentage of our users who continue to use this old browser limits how we can develop MIDAS, particularly in terms of the user interface.

Whilst we would have loved to have dropped IE11 support long ago, Microsoft have committed to providing mainstream support for IE11 until the end of life of the operating systems upon which it is installed – namely, Windows 7, 8 and 10. Windows 7 & 8 have both now reached their EOL (End Of Life) for mainstream support, however Windows 10 is still actively supported by Microsoft and will continue to be for the foreseeable future (for a minimum of at least two years).

That’s why we’ve taken the difficult – but necessary – decision that at some point during 2019 we’ll officially be dropping IE11 support in MIDAS.

This won’t necessarily mean that MIDAS will suddenly cease to function for IE11 users next year, but it does mean that over time new features and new user interface elements and enhancements may not display or even function correctly if you continue to access MIDAS using Internet Explorer 11.

If you’re currently an IE11 user, there is however, plenty of time to switch to a different web browser and there’s plenty of choice when it comes to modern alternative web browsers.

MIDAS will continue to be supported in recent versions of Firefox, Chrome, Safari, Edge, and Opera.

We appreciate that this may affect a very small number of users, but we hope this blog post gives some insight and understanding as to why we’re making this decision and also gives you plenty of time to switch to an alternative, more modern, web browser.

As ever, if you have any questions or concerns over how this may impact you and your organization’s use of MIDAS, please don’t hesitate to contact us and our friendly team will be only too happy to help!

New Content Delivery Network (CDN)

May’s been a busy month here at MIDAS HQ!

Not only have we migrated Certificate Authorities to Let’s Encrypt, but we’re also been testing a new Content Delivery Network (CDN) feature in MIDAS.

To explain what a CDN does, imagine viewing a photograph online. That photograph will be stored on a web server somewhere. If you’re in the UK and the server where the photograph resides is located in Australia, it will take your browser longer to establish a connection and download the image from the other side of the world than it would do if the server was located in the same country as the person viewing the image. Now, we may only be talking of a few fractions of a second longer, but if you’re viewing a webpage containing several photographs, that can soon add up!

A Content Delivery Network vastly improves performance by storing (or “caching”) a copy of the photograph from the source server on multiple servers all around the world. Then, when a viewer requests the photograph, the CDN serves a cached copy of the file from whichever server is geographically closest to the viewer. This greatly improves the load time for the viewer, and also reduces the load on the original server (as the photograph is served from the CDN “cache” instead).

As a CDN “caches” a source file/webpage, it is only suitable for “static” content which doesn’t change frequently (for example, images, Javascript, Cascading Style Sheets, downloads, etc). “Dynamic” content (i.e. content which changes frequently/upon each visit, files must still be served directly from the origin server, rather than via the CDN.

In MIDAS v4.18 we unofficially introduced support for serving static resources from a CDN (CloudFlare), and this has been automatically enabled for all MIDAS trials and for all new cloud-hosted customers since the start of April, whilst we closely monitored its impact and effectiveness.

As our CDN trials proved effective and exceeded our expectations, throughout May we’ve been engaged in a phased roll-out of the CDN for remaining cloud-hosted customers, and we’re pleased to announce that all cloud-hosted MIDAS systems now have CDN support enabled.

We’re currently seeing nearly 90% of all requests for static resources being served directly from CloudFlare’s global CDN network, and performance improvements and reduction in load times of customer’s hosted MIDAS systems of between 13% – 67%!

We’re sure you’ll appreciate these performance improvements, which are all part of our ongoing commitment to provide the best possible service for our customers! …and we’ve more improvements and enhancements in the pipeline too!

Let's EncryptDuring the course of May we’ve been migrating our domain’s security certificates from ones issued by GlobalSign to ones issued instead by Let’s Encrypt.

What Is A Security Certificate?

In essence, a security certificate is what allows you to connect to a website over a secure https connection (instead of traditional, insecure, http). A valid and strong security certificate is what ensures that the connection and traffic between your web browser and the website/service you’re using is encrypted.

What Is A Certificate Authority?

Put simply, a “Certificate Authority” (or CA for short) is an organization responsible for issuing and revoking security certificates for websites. Popular CA’s include Comodo, Symantec, GoDaddy, and GlobalSign to name but a few.

Which Domains Are Affected?

All mid.as domains and *.mid.as sub domains (including our cloud-hosted customer’s domains)

Why Is This Happening?

Our security certificates were due for renewal in June, and as part of our continuous commitment to provide visitors to our site and customers alike with the best possible experience, we took the opportunity to review who provides our security certificates. Let’s Encrypt provide HTTPS certificates to over 70 million domains, and switching to certificates issued by Let’s Encrypt allows us to simplify and automate the management of security certificates across our growing MIDAS network.

Will I Notice Anything Different?

In short, no!

In order to migrate our CA from GlobalSign to Let’s Encrypt, we needed to remove the previous GlobalSign (AlphaSSL) certificate from each *.mid.as domain and install a new Let’s Encrypt certificate in its place. We have being doing this in a phased transition for all *.mid.as domains during the course of May, and we’re pleased to report that this transition to Let’s Encrypt is now fully completed.

Here’s how the old and new certificate issuers now look for our *.mid.as domains:

CA Migration to Let's Encrypt

We’d also like to reassure hosted customers that no domains, URLs, or IP addresses have changed as a result of this CA migration.

If you experience any issues or have any concerns, please don’t hesitate to reach out to us and we’ll be happy to help!

A note for cloud-hosted API users

Whilst unlikely, depending upon your code and development platform/language, you may initially receive a certificate warning/error when mmaking API calls now that the security certificate for your dedicated *.mid.as subdomain has changed, which may prevent your code/app from working temporarily until you accept the new security certificate.

Also, in some rare cases, you may not be able to access the API if your platform/device is listed as incompatible in Let’s Encrypt’s certificate compatibility list.

Finally, please be aware that Let’s Encrypt issues auto-renewing certificates which are valid for fixed periods of 90 days.

As part of our ongoing commitment to the services we provide to our “cloud-hosted” customers, we’ll shortly be upgrading all our client servers to support HTTP/2.

HTTP/2 is the first major new version of the HyperText Transfer Protocol (HTTP) for two decades, and will eventually replace the previous HTTP/1.1 protocol which was standardized way back in 1997.

The primary goal of HTTP/2 is to overcome many of the shortcomings of the twenty year old HTTP/1.1 protocol, particularly in relation to how content is delivered over the internet.

HTTP/2 focuses on optimizing the communication and flow of content between web servers and web browsers. When a user connects to a web site, their browser negotiates an HTTP session with the server. The type of session created will vary depending on the features supported by the browser and the server. If both ends support the latest HTTP/2 protocol, the server uses the HTTP/2 protocol to shape and optimize traffic before it passes through the network back to the browser.

Once the browser and server agree to use HTTP/2, they can utilize additional features such as compression and multiplexing to optimize the connection. If either the web server or the user’s web browser doesn’t support HTTP/2, the connection will fall back to the HTTP/1.1 protocol.

Benefits of HTTP/2

One of the main improvements over HTTP/1.1 is that HTTP/2 uses simultaneous connections (or multiplexing). Previously only one resource can be fetched from the server at a time, however with HTTP/2 multiple resources can be fetched over a single connection concurrently.

Another benefit is header optimization. Every request over HTTP contains header information. With HTTP/1.1, many of these headers are repeated over a single session. HTTP/2 removes redundant headers while compressing the remaining headers, leading to performance improvements.

Benefits to cloud-hosted MIDAS users

In terms of MIDAS, the benefit of our client servers supporting HTTP/2 is that users will see notable improvements in page load speed and responsiveness when using MIDAS.

In our pre-testing, we saw page load times via HTTP/2 improve by some 20% over the same pages loaded via HTTP/1.1

When will the upgrade happen?

We’ll be upgrading our client servers to support HTTP/2 over the coming weekend (15/16th July 2017), and other than a quick server restart, no additional downtime is expected. For more information, be sure to check our our dedicated Service Status site (which already supports HTTP/2!), and follow us on Twitter for updates.

Will I need to do anything?

No action is required on your part!

If you’re running a modern operating system and web browser, you won’t need to do anything – your browser will already support HTTP/2, you’ll still access MIDAS in exactly the same way, and once our servers are HTTP/2 enabled over the weekend, your browser will adjust accordingly.

If you’re not running a HTTP/2 compliant browser/operating system don’t worry, you’ll still be able to connect to your hosted MIDAS system over HTTP/1.1 as before, but you may like to consider upgrading your operating system & browser to one that supports HTTP/2 for a better MIDAS experience!

  • Edge Chrome Firefox Current versions of Edge, Chrome, and Firefox browsers fully support HTTP/2.
  • Safari Current versions of Safari support HTTP/2 on OSX 10.11+
  • Internet Explorer Internet Explorer 11+ supports HTTP/2 on Windows 10 only

UPDATE: Our network is now fully HTTP/2 enabled, and we’re seeing some great performance improvements too!

Disabling TLS 1.0 in early 2017

TLS stands for “Transport Layer Security” and is a cryptographic mechanism used to facilitate secure connections and communications over the internet. Several incarnations of the TLS protocol have been developed over the years (1.0, 1.1, and 1.2), with 1.0 being the oldest and now approaching the ripe old age of 18!

TLS 1.0 is now considered a “legacy protocol” and “weak” by today’s cryptographic standards, as it is susceptible to several vulnerabilities. Modern web browsers automatically default to preferring TLS 1.2 or TLS 1.1 over legacy TLS 1.0 connections, however some older browsers do not support the more modern and secure TLS 1.1/1.2 protocols.

As part of our ongoing commitment to security, in early 2017 we intend to drop support for legacy TLS 1.0 connections to our client servers. The vast majority of users will be unaffected by this change, but if you’re using an older web browser/operating system, you may need to update.

The minimum browser requirements for MIDAS v4.14 (and later) have also been updated accordingly.

The following table of web browsers provides additional guidance as to any action you may need to take to ensure you can continue to access our site/your hosted MIDAS system in 2017:

Browser Version Comments
Microsoft Internet Explorer 11 OK (If you see the “Stronger security is required” error message, you may need to turn off the “Use TLS 1.0” setting via Internet Options → Advanced)
9-10 OK (When running Windows 7 or newer, however you’ll need to enable TLS 1.1 and TLS 1.2 in Internet Explorer by selecting the “Use TLS 1.1” and “Use TLS 1.2” boxes via Internet Options → Advanced)
Upgrade Required (Windows Vista, XP and earlier are incompatible and cannot be configured to support TLS 1.1 or TLS 1.2 – Please update your operating system)
8 (or lower) Please update to a more recent version of Internet Explorer
Microsoft Edge All Versions OK – No action required
Mozilla Firefox 27+ OK – No action required
23-26 OK (Use about:config to enable TLS 1.1 or TLS 1.2 by updating the security.tls.version.max config value to 2 for TLS 1.1 or 3 for TLS 1.2)
22 (or lower) Please update to a more recent version of Firefox
Google Chrome (Desktop) 38+ OK – No action required
22-37 OK – No action required (Provided you’re running Windows XP SP3, Vista, or newer, OS X 10.6 (Snow Leopard) or newer)
21 (or lower) Please update to a more recent version of Chrome
Google Chrome (Mobile) Android 5.0+ (Lollipop) OK – No action required
Android 4.4.x (KitKat) Device Dependent (Some Android 4.4.x devices may not support TLS 1.1 or higher. Please refer to your device manufacturer if unsure)
Android 4.3 (Jelly Bean) (or lower) Please update to a more recent version of Android
Apple Safari (Desktop) 7+ OK – No action required
6 (or lower) Please update to a more recent version of Safari
Apple Safari (iOS) iOS 5+ OK – No action required
iOS 4 (or lower) Please update to a more recent version of iOS

Important Information For Hosted API users:

If you’re a cloud-hosted MIDAS customer utilizing the optional MIDAS API, please ensure that your applications and the underlying programming language you develop in can support (and are correctly configured for) TLS 1.1/1.2 connections. For instance Java 6 (1.6) (and lower) and .NET 3.5 (and lower) languages don’t support TLS 1.1/1.2.
If your applications/programming languages do not support at least TLS 1.1, your MIDAS API calls will begin to fail in early 2017 once we disable TLS 1.0.
Please refer to the vendor of your programming language if you’re unsure whether it supports TLS 1.1/1.2, or for assistance enabling such support in your development environment.

UPDATE: 1st April 2017

In advance of dropping TLS 1.0 support across our entire network this year, we’ve initially dropped TLS 1.0 support on our dedicated Service Status site. If you’re not sure whether or not you’ll still be able to access your hosted MIDAS system once TLS 1.0 support is dropped in the near future, please visit https://midas.network. If you’re able to visit this site without issue, then you’ll still be able to access MIDAS going forward.

UPDATE: 1st July 2017

As of today, our servers no longer accept TLS 1.0 connections. If you’re unable to access our site/a hosted MIDAS system, please upgrade your web browser.

[ Back to top ]