Well, I was thinking that cross site authentication would be impossible in case of per domain session, but yes, a completely new anonymous user profile directory should be created.
Why would it be impossible? If you need to completely pass the user off to a different website temporarily, you should add the challenge/response data to the query string or post parameters. Cookies not required.
