The root cert aside and with all the other ssl deficiencies all browsers support it! Usability is imo the issue if more than a handful of people need to access the site. RFC6509 http://tools.ietf.org/html/rfc6509 shows crypto independent of any PKI. Implemented running in Javasrcipt and HTML5 as open source www.certivox.org where unlike Diffie-Hellman the key agreement is authenticated. No passwords, usernames... nothing.
I had a hacky wiki based on GPG-signed text files: https://gist.github.com/Zash/3804318
Editing was done through a shell script that fetched the source, invoked my editor, signed and uploaded the signed text back.
