I put my question on https://security.stackexchange.com/ and got this answer from @gowenfawr:
During the SSL handshake,
If the server requires a digital certificate for client authentication, the server sends a "client certificate request" that includes a list of the types of certificates supported and the Distinguished Names of acceptable Certification Authorities (CAs).
(quote is from a reasonably lucid explanation of the SSL handshake by IBM.)
The client then compares the certificates in its store against that list to see if it has any signed by the CAs that the server listed. If it finds one, it will send it, usually after prompting the user whether they want to send it. Presumably if there were multiple matches it would ask the user which to send (if any).