My (yet to go public) futures trading startup uses bitcoin private/public keys to do authentication without a CA.
A CA is still needed for HTTPS; however, no user IDs are needed and there are no passwords to remember.
None of the ideas are new; I just put the best features of bitid/sqrl/bitauth into something that is automated from the user's point of view.
Other options to consider:
bitauth: Does not use bitcoin but uses ECDSA; signs every API call, so it can be used like HMAC to protect an API
Bitid: Uses the bitid:// URL scheme. Uses bitcoin addresses; needs a supporting wallet
SQRL: Needs a trusted app, does not use bitcoin
Clef: Very nice, but you need to use their servers, essentially a trusted third party.
The best thing among the four was SQRL. I basically re-implemented SQRL to use bitcoin addresses/keys.
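
A sketch of the kind of key-based login described above, as an added example that is not part of the original post and not the author's implementation: the server issues a single-use nonce bound to its origin, the client signs it with a secp256k1 key, and the server identifies the account by a hash of the public key, so there is no user ID or password. The function names, the `origin|nonce` challenge format, the origin `https://exchange.example` and the SHA-256 account ID (a stand-in for a real bitcoin address encoding) are assumptions made for the illustration.

```javascript
// Added example: challenge-response login where the public key is the identity.
const { generateKeyPairSync, createHash, randomBytes, sign, verify } = require('node:crypto');

// Server side: nonces that were issued and not yet consumed (in-memory for the example).
const pendingNonces = new Set();

function issueChallenge(origin) {
  const nonce = randomBytes(16).toString('hex');
  pendingNonces.add(nonce);
  return `${origin}|${nonce}`; // the origin is part of the signed message
}

// Account id = SHA-256 of the DER public key (assumed stand-in for a bitcoin address).
function accountId(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return createHash('sha256').update(der).digest('hex');
}

// Client side: ECDSA over SHA-256 of the challenge text.
function signChallenge(privateKey, challenge) {
  return sign('sha256', Buffer.from(challenge), privateKey);
}

// Server side: returns the account id on success, null on any failure.
function verifyLogin(expectedOrigin, challenge, signature, publicKey) {
  const [origin, nonce] = challenge.split('|');
  if (origin !== expectedOrigin) return null;    // challenge was meant for another site
  if (!pendingNonces.delete(nonce)) return null; // unknown or already-used nonce (replay)
  if (!verify('sha256', Buffer.from(challenge), publicKey, signature)) return null;
  return accountId(publicKey);
}

function demo() {
  const origin = 'https://exchange.example'; // constructed sample origin
  const user = generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
  const other = generateKeyPairSync('ec', { namedCurve: 'secp256k1' });

  const c1 = issueChallenge(origin);
  const s1 = signChallenge(user.privateKey, c1);
  const first = verifyLogin(origin, c1, s1, user.publicKey);  // succeeds
  const replay = verifyLogin(origin, c1, s1, user.publicKey); // nonce already consumed

  const c2 = issueChallenge(origin);
  const forged = verifyLogin(origin, c2, signChallenge(other.privateKey, c2), user.publicKey);
  return { ok: first === accountId(user.publicKey), replay, forged };
}
```

The server stores only the account ID, so a database leak exposes no reusable login secret; the HTTPS certificate is still what tells the client it is talking to the right origin.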