It's not just cookies, it defines pretty much all aspects of a browser's security between websites. It sets the boundaries for cross-site scripting. It limits the scope of SSL wildcard certificates. And it's used to determine which part of the domain name gets highlighted in the URL bar.