crypto/elliptic: P-384 is not constant-time #11499
P-384, unlike P-224 and P-256, does not have a constant time implementation in the Go standard library. This has become substantially more problematic as a result of #9333, which merged support for TLS ciphersuites that are typically used with a P-384 certificate.
(P-521 also doesn't have a constant-time implementation, but no one really uses it for anything.)
referenced this issue
Jul 1, 2015
It's quite true, but a lot of work and I've no plans to tackle it for now.
However, P-384 certificates are only used as intermediates (that I've observed). ECC certificates issued by CAs have, so far as I've seen, uniformly been P-256. Thus P-384 only matters for certificate verification and, in that case, constant-time behaviour is irrelevant.