In some instances (i.e. whoever wants to fake their info) email and telephone verification will be valid just up to the moment the domain gets registered. Both email and telephone can be made bogus after that.
Well, sure, anyone who is sufficiently devious can use throwaway email addresses and phone numbers. But I can tell you from experience that the number of people who do that are an insignificant fraction of the people who deliberately or through sloppiness put in bogus info.
What about using a third party certifier before being able to register a domain? Kind of a global domain passport? Is this something that can be considered?
It would be fine to allow registrars to outsource the verification if they don't want to do it themselves, but the last thing we need is another place where people can point fingers. R's, John PS: I don't believe Stuart's $7 unless he's doing something silly like using live people to make verification calls.