The problem is you can't explicitly tell a browser to fetch a cookie from cookie.example.com - and when you have multiple subdomains which rely on the cookie, plus analytics software which sets it for the whole domain, you can't do that.
Sort of: If you only ever need a cookie set on app.example.com, you can do that and use assets.example.com. It'll work for simple applications and not much else.
Things like Google Analytics also set cookies by default on *.example.com so you'll have to figure out a way around that.
