| Scrapfly

Extension Details

Extension Name

renegotiation_info

Extension Code (Decimal)

65281

Extension Code (Hex)

0xFF01

RFC Reference

RFC 5746

What is renegotiation_info?

The Renegotiation Info extension prevents the TLS renegotiation attack discovered in 2009. Without this extension, an attacker could inject a prefix into the TLS connection during renegotiation. The extension binds the original handshake to any subsequent renegotiations by including a hash of previous handshake messages. In the initial handshake, this extension is empty. During renegotiation, it contains verify_data from the previous handshake. This extension is defined in RFC 5746 and is supported by all modern TLS implementations. TLS 1.3 removes renegotiation entirely, making this extension obsolete.

Role in JA3 Fingerprinting

How This Extension Affects Fingerprinting

The renegotiation_info extension is part of the TLS Client Hello packet that JA3 analyzes to create a unique fingerprint of your browser or HTTP client.

JA3 Construction: JA3 concatenates TLS parameters including extensions in a specific format:
TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS

Different browsers and HTTP clients support different sets of TLS extensions, making this a key differentiator in fingerprinting. The presence, absence, or order of extensions like renegotiation_info can reveal:

Browser type and version (Chrome, Firefox, Safari, Edge)
Operating system (Windows, macOS, Linux, Android, iOS)
HTTP library (curl, Python requests, Go http.Client, Node.js)
Bot detection - automated tools often have distinctive extension sets

Test Your TLS Configuration

See if your browser or HTTP client includes the renegotiation_info extension in its TLS handshake:

Test Your JA3 Fingerprint

The JA3 tool will show all TLS extensions your client advertises, including renegotiation_info.

Browser & Client Support

Modern Browser Support:

Chrome/Edge: Full support for renegotiation_info
Firefox: Full support for renegotiation_info
Safari: Full support for renegotiation_info

HTTP Client Libraries:

curl: Support varies by OpenSSL/LibreSSL version
Python requests: Limited TLS extension control
curl_cffi: Can mimic browser TLS configurations
Scrapfly API: Automatically matches real browser TLS fingerprints

Related TLS Resources

TLS Extensions

Testing Tools

Technical References

RFC Specification: RFC 5746 - TLS Extensions
IANA Registry: TLS ExtensionType Values
JA3 Project: JA3 - TLS Client Fingerprinting