This is nonsense!
If you have proof (Escrow.com payment and other details)
How come seller says that?

I for one am going to suggest that there need be some challenge process and providing ICANN the ability to attach consequences to false submissions or attempt reverse hijacking.

For example, the presence of a purchase and sales agreement between the new and old registrant SHOULD be taken into consideration.

Depends when the PRT becomes aware of it.

“or within 60 days of the Registrant becoming aware of the transfer (but in no event more than six (6) months after the Inter-Registrar domain name transfer).”

So of course people are going to claim “they weren’t aware” of the transfer, to get the 6 month timeframe.

This would be a nightmare for escrow services like Moniker/Escrow.com or for auction providers (Latona, SnapNames, etc.). Suppose I win example.com in an auction. Seller transfers it to Moniker for a “secure transfer”, and I send Moniker the payment. Moniker sends payment to seller. 2 months later (or 2 days later, even), I transfer the domain to Tucows. You think the deal is done.

But, then 4 months after the sale, the seller claims the name is stolen, and convinces GoDaddy to undo the transfer (and the name has gone from Moniker to Tucows in the meantime; perhaps the buyer was Microsoft, who built a huge site around it, like docs.com or office.com via stealth acquisition through a Marksmen, etc.). Lots of folks would be negatively affected (of course, folks will have to bid lower to reflect this liability that the domain name has embedded within it, or just might be so turned off that they don’t bid at all, and avoid deals completely).

If you look at their mailing list archives, I discuss all this:

http://forum.icann.org/lists/gnso-irtp-b-jun09/

and proposed instead that if they bring in the ETRP, that they simultaneously allow consumers to opt-in to *irrevocable* transfers, see:

http://forum.icann.org/lists/gnso-irtp-b-jun09/msg00334.html

There, the transfer would be undoable, and the losing registrar presumably would have done the proper checks to make sure a hijacking isn’t taking place.

Registrars *should* already be doing this, of course, so we shouldn’t *have* to be arguing for an irrevocable transfer policy. But, if the ETRP came into force (without any due process to undo a transfer), and buyers had a choice, it’s clear that *irrevocable* transfers would be a must to minimize risks.

This whole workgroup is really approaching things from the wrong direction, and should go back to the original reports from 5 years ago, where procedures were properly discussed to prevent hijackings from happening in the first place (e.g. 2-factor security, out-of-band communications, not relying upon email for everything, etc.).

There already *exists* a Transfers Dispute Process (TDRP), which has due process, and of course courts always exists for true emergencies. This proposal just isn’t needed, and actually makes things worse, because legitimate buyers would face new risks that they can’t manage if a legitimate transfer could be undone without any due process.

Folks who are security-conscious are better served by registrars who *prevent* the hijackings in the first place, not ones who only rely on undoing thefts after they already (or allegedly) happen. The reports from 5+ years ago discussed those recommendations, which most registrars simply ignored. ICANN should be raising standards that promote proactive security, and shouldn’t be promoting “solutions” that have such collateral damage (worse damage to the secondary market than the actual problem from hijackings).