Currently we require applications to share a common domain/subdomain to achieve SSO.
Crowd could use an authentication mechanism that does not depend on cookies on a single domain for authentication. This will allow applications to reside on completely different domains (eg. jira.com and confluence.com could be SSO'd with crowd.com).
The solution would heavily rely on redirects to move the user-agent between domains to set the appropriate cookies during logins/logouts.