> I think a transfer is an opportunity to apply some anti hijacking and
> some education about audrp. the registrar can send out a confirmation
> email with a token/code in it that the real owner needs to return back to
> the registrar.  both sides can be given information on audrp and
> cybersquating and should be made to verify that the transfer is in good
> faith.

Confirmation of transfer is a must, unlike the do-nothing and the domain
gets transferred approach of TLD's, which is a pain.

> all of this can be done automatically and the domain then inserted (or
> that might probably be done earlier) into a registrars standard processing
> queues 

Idea works well, and should be able to be tacked onto an existing system
without too much trouble.

> for
> policy check etc. there might even a cooling off period thrown in and for
> good measure a second round of reminders etc.

Suggested cooling off period? Standard 14 days , then a reminder that the
original transferee can revoke the transfer, but if they perform no action
at this stage then the transfer will go through?

> 
> Vic

For once I agree with you.

-Sean.