A better implementation would be one which instantiates a different session not on a per window basis, or even a per tab basis, but on a per "domain in address bar" basis.
And by session, this wouldn't just be the cookie store, it would also be the cache store and everything else which can be manipulated for tracking purposes.
EDIT: I'd also want it clearing between browser restarts too.
If this became (over night) the default standard way for browsers to behave, the vast vast majority of websites (at least 99.9% I'd guess) would continue to work without issue and it would pretty much annihilate nearly all privacy/tracking issues on the web.
Stuff like Google Analytics would continue to be able to work, but wouldn't be able to gather as many different types of information. Advertisers would be able to continue to advertise, but they would lose the ability to track you across sites, which potentially might hit their revenue a bit.
Well, I was thinking that cross site authentication would be impossible in case of per domain session, but yes, a completely new anonymous user profile directory should be created.
Why would it be impossible? If you need to completely pass the user off to a different website temporarily, you should add the challenge/response data to the query string or post parameters. Cookies not required.
And by session, this wouldn't just be the cookie store, it would also be the cache store and everything else which can be manipulated for tracking purposes.
EDIT: I'd also want it clearing between browser restarts too.
If this became (over night) the default standard way for browsers to behave, the vast vast majority of websites (at least 99.9% I'd guess) would continue to work without issue and it would pretty much annihilate nearly all privacy/tracking issues on the web.
Stuff like Google Analytics would continue to be able to work, but wouldn't be able to gather as many different types of information. Advertisers would be able to continue to advertise, but they would lose the ability to track you across sites, which potentially might hit their revenue a bit.