[mdriley]

This is a bug in NSS. Here's the corresponding bug I filed against Chromium: https://code.google.com/p/chromium/issues/detail?id=349775

[tptacek]

Wait, nobody does ECC client certificate TLS right?

[davidben]

It's been fixed, but that was a bug in Chrome's NSS glue between NSS and the OS X native key store. (The fix is under third_party/nss, but no one else carries that particular file.) As far as I know, it works fine on other platforms and in NSS itself.