The loophole that led to this error has been closed.
Perhaps for you but this process leaves a lot of registrars in position to do damage, accidentally or by the criminal action of staff.
In some cases registrars delegate the obtaining of the approval from a reseller
Though well intentioned to make it easier to move away from bad registrars, all this does is put everyone else at far greater risk - not only from registrars but also their resellers who are likely to be unvetted. It seems quite easy for criminals to gain control
Many registrars now put names on lock by default
So we're back to needing the cooperation of the old registrar, may as well have stuck with the old, less risky, way
(7) If the registry receives no response from the losing registrar after a 5 day period, the transfer will be completed.
Adding the risk of not noticing and it just going through unchallenged
(9) If the losing registrar believes that a transfer was unauthorised, the losing registrar may contact the gaining registrar for a copy of the authorisation in step 2 to arrange for the transfer to be reversed.
Too late, the damage is done
In the case of panix.com, the step (2) failed at the gaining registrar. I can't comment on steps taken by the losing registrar.
It doesn't matter, the system is broken by design - they had to trust you to be correct
The principle of the process, is that a registrant can move to another domain name provider (registrar or reseller) at any time, and can initiate a transfer from the new provider. This relies on the new provider authenticating the request.
I'm only paying my registrar to be trustworthy, I don't want to have to trust the rest
The integrity of the process is greatly improved through the use of the auth_info password in the EPP protocol. This has been operating effectively in .org, .info, .biz and .name.
I disagree (the new whois sucks too)
My personal view is that the current transfers policy WITH the use of auth_info and WITH the use of registrar-LOCK is a reasonable balance between security and allowing registrants to easily move their name.
My experience has been that getting auth_info (which criminal staff would have access to) from bad registrars is almost impossible. With registrar-LOCK too they have enough control to negate the gain in being able to pull a domain to a new registrar - you still need the cooperation of the old one, so it's just as bad as the old way but lots more risk for everyone. EPP is thus of no advantage and registrar pull is dangerous
I am interested to hear what members of the NANOG list believe would be a better transfers process.
Everyone has their ideas but the people running a $1.2B business should be able to do better

brandon