This document updates RFC6265 by defining a "First-Party-Only" attribute which allows servers to assert that a cookie ought to be sent only in a "first-party" context. This assertion allows user agents to mitigate the risk of cross-site request forgery attacks, and other related paths to cross-origin information leakage.
It looks really good, and it seems that Chrome 50 is going to support it: https://www.chromestatus.com/features/4672634709082112
The current solution seems to be inspired by the SameDomain cookie attribute, as described at http://people.mozilla.org/~mgoodwin/SameDomain/samedomain-latest.txt
I actually prefer the SameDomain name to First-Party-Cookies :)