Sharing session data between domains

Hi,

Has anyone come up with a clean(ish) way of sending data from a
session in one domain to another session in another (SSL) domain.
Both domains are on the same application. Scenario is:

- collect data during the shopping process to create an "order". The
critical order data can be stored in a hash.
- want to pass the order_id over to the new domain but I can only
think of somehow serializing the session hash and then passing it as a
parameter in the URL when passed to the SSL-protected domain.
- I would like to make the URL tamper-proof.

Anyone have any ideas on this? As the domains run on the same Rails
application, can I just get away with passing the session_id over to
the second domain and somehow "autorestore" the domain directly back
from the session store?

O.