1. [JA3 Fingerprint](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) 2. [ TLS Extensions ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extensions "Browse all TLS Extensions") 3. pre\_shared\_key [ Browse All TLS Extensions ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extensions) # pre\_shared\_key TLS Extension Code: `41` ### Extension Details Extension Name `pre_shared_key` Extension Code (Decimal) `41` Extension Code (Hex) `0x0029` RFC Reference [ RFC 8446 ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.11) ### What is pre\_shared\_key? The Pre-Shared Key (PSK) extension in TLS 1.3 enables fast session resumption and 0-RTT (Zero Round-Trip Time) data. After an initial full handshake, the client and server derive a PSK which can be used to resume future sessions with reduced latency. 0-RTT allows the client to send application data in the first flight, eliminating a round trip. However, 0-RTT data lacks forward secrecy and is vulnerable to replay attacks, so it should only be used for idempotent operations. PSK resumption is more secure than TLS 1.2 session tickets. ### Role in JA3 Fingerprinting How This Extension Affects Fingerprinting The **pre\_shared\_key** extension is part of the TLS Client Hello packet that JA3 analyzes to create a unique fingerprint of your browser or HTTP client. **JA3 Construction:** JA3 concatenates TLS parameters including extensions in a specific format: `TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS` Different browsers and HTTP clients support different sets of TLS extensions, making this a key differentiator in fingerprinting. The presence, absence, or order of extensions like `pre_shared_key` can reveal: - Browser type and version (Chrome, Firefox, Safari, Edge) - Operating system (Windows, macOS, Linux, Android, iOS) - HTTP library (curl, Python requests, Go http.Client, Node.js) - Bot detection - automated tools often have distinctive extension sets ### Test Your TLS Configuration See if your browser or HTTP client includes the `pre_shared_key` extension in its TLS handshake: [ Test Your JA3 Fingerprint ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) The JA3 tool will show all TLS extensions your client advertises, including pre\_shared\_key. ### Browser & Client Support **Modern Browser Support:** - **Chrome/Edge:** Full support for pre\_shared\_key - **Firefox:** Full support for pre\_shared\_key - **Safari:** Full support for pre\_shared\_key **HTTP Client Libraries:** - **curl:** Support varies by OpenSSL/LibreSSL version - **Python requests:** Limited TLS extension control - **curl\_cffi:** Can mimic browser TLS configurations - **Scrapfly API:** Automatically matches real browser TLS fingerprints ### Related TLS Resources ##### TLS Extensions - [server\_name (SNI)](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/server-name) - [supported\_groups](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-groups) - [ALPN](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/application-layer-protocol-negotiation) - [supported\_versions](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-versions) ##### Testing Tools - [JA3 Fingerprint Tool](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) - [Browser Fingerprint Test](https://scrapfly.io/web-scraping-tools/browser-fingerprint) ### Technical References - **RFC Specification:** [ RFC 8446 - TLS Extensions ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.11) - **IANA Registry:** [ TLS ExtensionType Values ](https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml) - **JA3 Project:** [ JA3 - TLS Client Fingerprinting ](https://github.com/salesforce/ja3)