
Use client SSL certificates as web application authentication


http://serverfault.com – I'm working on a web application with a simple API needing authentication. By the nature of my application, users have two RSA keys, for signing and encrypting messages. My protocol works based on it. The web application has access to the public keys. One solution to achieve authentication and kill MITM is to build SSL over the application API and build an authentication method using the users' keys. Simple message passing. But I'm thinking about another method... Make authentication based on SSL client certification. I've used client certificates for previous projects but I have some problems deciding whethe