> - no system is perfect My feelings exactly.
We could spend a great deal of effort trying to engineer a secure solution that would prevent that 0.01% of transactions that are fraudulent, probably at no small inconvenience to the legitimate 99.99%. But since the result would never be 100% successful (there is always the human factor), and since unauthorized domain name transfers are relatively rare and completely reversible, what would really be gained? "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin OK, that's only marginally applicable, but I like repeating it! I'm not against any improvements in security as long as they don't make things more difficult for legitimate end users.
