Client-authentication has actually been supported in SSL for a long time [1]. Unfortunately, there seems to be little interest in using that form of authentication in browsers. A big part of that is probably making a compelling user interface and teaching users how it works.
[1] summarizes why TLC client auth isn't wide spread, but he also proposes some TLS extensions to improve client auth. Such as Origin-bound certificates [2] so that the user does not have to choose which certificate to use for authenticating.
[1] https://en.wikipedia.org/wiki/Transport_Layer_Security#Clien...