I'm not 100% sold on this solution (which sounds like just extending the idea of bearer tokens to replace cookies), but I definitely support dropping cookies. Cookies can store too much arbitrary information about a user, and 3rd party cookies are a security nightmare. Replacing them with a more-restricted system that doesn't allow 3rd party access is a good idea.