I can at least spew some publicly known reasons:
XP and 2k3 both share much of the same code (all the way back to NT 3 actually) so fixes for one apply to the other, however 2003 is already very stable and secure and includes quite a few fixes that have been done since the release of XP (think of 2k3 as a later released, server enhanced version of XP in this regard). Microsoft is pushing hard to focus on security and even Microsoft's resources are finite. Why pull resources from a less secure OS to focus on a more secure OS? Also, 2003 simply doesn't have as much that needs fixed at this time. Do you think you would get a longer list of fixes generated by an OS in limited deployment or one that's already on a great percentage of desktops out there? I suppose a brief unsupported statement like I made earlier would lead you to such a "conspiracy" or "shadowy" type of conclussion...It would me too I guess. Sorry about that, seriously. I just don't know how else to phrase it really. You can't really glean the sparkly inside bits of knowledge from the bullsh1t very easily on the internet, but if you're smart you might catch a glimmer out of the corner of your eye.

It doesn't matter much really, it'll be done when it's done I guess and everyone will know then. Besides, this topic kinda lacks the excitement of the doom3 alpha's and such don't you think?