I've long wondered about that. Are there really no browser based public key based solutions? Are there any fundamental reasons why that is like that other than that it never got implemented, or never became popular?
It seems like the "right" solution for the password problem.
-Martijn
I think TLS has a feature where the client can also provide a certificate, in order to use certificates to authenticate users. I've never heard of a site actually using it.
--bawolff