Even though Firefox and Chrome both use the same TLS implementation (NSS's libssl), the ways in which Firefox and Chrome use it differ. Based on discussions with the credited researchers and with other members of the NSS team, Firefox doesn't need to implement such a restriction, so there's nothing to worry about as far as Firefox is concerned. And, that's about all I should say about it at this time, I think.
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation.
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification
