[1] summarizes why TLC client auth isn't wide spread, but he also proposes some TLS extensions to improve client auth. Such as Origin-bound certificates [2] so that the user does not have to choose which certificate to use for authenticating.

[1]: http://www.browserauth.net/tls-client-authentication [2]: http://www.browserauth.net/origin-bound-certificates