Shouldn't they send out a paper letter to the owner of the domain then? That might be a better way to verify identity. Or use an actual "real world" identity check?
In Germany you can do that with the German mail system - the postman will then check your id and confirm you are who you claim to be. Certainly not foolproof, but just accepting incoming letters at face value seems crazy.
In Finland all changes to your .fi domain (renews, nameserver changes, etc.) are snail mailed to you. It was a confusing experience for me when I registered a .fi domain on Gandi, but still got all the mails sent to me. Also, I can't control my domain on Gandi, as the credentials were snail mailed to me by my country's authorities. The only place I can make changes to my domain is on Finnish authority's website - with the credentials which were snail mailed to me.
In here postmen only check your ID when receiving or retrieving packages, but I've understood that you can buy the same service for letters as well. Most online identity checks are made by logging in trough banks, which can verify your SSN and alike.
It's probably too expensive to use as a standard method, but I would be willing to deposit some money with Gandi just in case they need to ID check me.
The US has this as well -- registered mail, which provides a full chain of custody for the letter. It's also a serious crime to provide fraudulent identification.
In Germany you can do that with the German mail system - the postman will then check your id and confirm you are who you claim to be. Certainly not foolproof, but just accepting incoming letters at face value seems crazy.