Browse All TLS Extensions

early_data

TLS Extension Code: 42

Extension Details

Extension Name
early_data
Extension Code (Decimal)
42
Extension Code (Hex)
0x002A
RFC Reference
RFC 8446

What is early_data?

The Early Data extension (also known as 0-RTT) allows clients to send application data in the first flight of a resumed TLS 1.3 handshake, reducing connection latency from 2 round trips to 1. This is particularly beneficial for mobile and high-latency connections. However, 0-RTT data lacks forward secrecy and is vulnerable to replay attacks, as an attacker can capture and resend the first flight. Therefore, 0-RTT should only be used for idempotent HTTP methods (GET, HEAD, OPTIONS) and not for state-changing operations (POST, PUT, DELETE).

Role in JA3 Fingerprinting

How This Extension Affects Fingerprinting

The early_data extension is part of the TLS Client Hello packet that JA3 analyzes to create a unique fingerprint of your browser or HTTP client.

JA3 Construction: JA3 concatenates TLS parameters including extensions in a specific format:
TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS

Different browsers and HTTP clients support different sets of TLS extensions, making this a key differentiator in fingerprinting. The presence, absence, or order of extensions like early_data can reveal:

  • Browser type and version (Chrome, Firefox, Safari, Edge)
  • Operating system (Windows, macOS, Linux, Android, iOS)
  • HTTP library (curl, Python requests, Go http.Client, Node.js)
  • Bot detection - automated tools often have distinctive extension sets

Test Your TLS Configuration

See if your browser or HTTP client includes the early_data extension in its TLS handshake:

Test Your JA3 Fingerprint

The JA3 tool will show all TLS extensions your client advertises, including early_data.

Browser & Client Support

Modern Browser Support:

  • Chrome/Edge: Full support for early_data
  • Firefox: Full support for early_data
  • Safari: Full support for early_data

HTTP Client Libraries:

  • curl: Support varies by OpenSSL/LibreSSL version
  • Python requests: Limited TLS extension control
  • curl_cffi: Can mimic browser TLS configurations
  • Scrapfly API: Automatically matches real browser TLS fingerprints

Related TLS Resources

TLS Extensions
Testing Tools

Technical References