diff --git a/CHANGELOG.md b/CHANGELOG.md
index 44b66ef4e..7ed78ec6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,29 @@
+12.09.2018
+* Bug: user with billing access only can now login to the portal for Regsitrars [#973](https://github.com/internetee/registry/issues/973)
+
+06.09.2018
+* Bug: registrant confirmation does not require authentication any more [#969](https://github.com/internetee/registry/issues/969)
+* Whois JSON tests order independent [#965](https://github.com/internetee/registry/issues/965) 
+
+04.09.2018
+* New registrant portal API [#902](https://github.com/internetee/registry/issues/902)
+* Registry lock in Registrant API [#927](https://github.com/internetee/registry/issues/927)
+* Password encryption for EPP [#914](https://github.com/internetee/registry/issues/914)
+* Registrar: 0 amount invoices invalidated [#651](https://github.com/internetee/registry/issues/651)
+* Ruby upgrade to 2.4 [#938](https://github.com/internetee/registry/issues/938)
+* Admin: removig deleteCandidate status removes Que job as well [#790](https://github.com/internetee/registry/issues/790)
+* Admin: Cancel force delete no possible with deleteCandidate status set [#791](https://github.com/internetee/registry/issues/791)
+* Contact tests added [#930](https://github.com/internetee/registry/issues/930)
+* Change test structure [#924](https://github.com/internetee/registry/issues/924)
+* Grape gem update to 1.1.0 (CVE-2018-3769) [#934](https://github.com/internetee/registry/pull/934)
+* Remove changelog from codeclimate analysis [#961](https://github.com/internetee/registry/issues/961)
+* Remove dead code [#925](https://github.com/internetee/registry/issues/925)
+* Quote value in fixture [#937](https://github.com/internetee/registry/issues/937)
+* Generate <body> CSS class for every action [#939](https://github.com/internetee/registry/issues/939)
+* Add TaskTestCase [#941](https://github.com/internetee/registry/issues/941)
+* Set NOT NULL constraint for contact.email field [#936](https://github.com/internetee/registry/issues/936)
+* Remove duplicate fixture [#946](https://github.com/internetee/registry/issues/946)
+
 26.07.2018
 * Grape (1.0.3), mustermann (1.0.2), multi_json (1.13.1) gem updates [#912](https://github.com/internetee/registry/issues/912)
 * Capybara (3.3.1), mini_mime (0.1.3), nokogiri (1.8), rack (1.6.0), xpath (3.1) gem updates [#980](https://github.com/internetee/registry/issues/908)
diff --git a/app/controllers/epp/polls_controller.rb b/app/controllers/epp/polls_controller.rb
index 44f8afdc1..cb1f3d2f2 100644
--- a/app/controllers/epp/polls_controller.rb
+++ b/app/controllers/epp/polls_controller.rb
@@ -9,7 +9,7 @@ class Epp::PollsController < EppController
   private
 
   def req_poll
-    @message = current_user.queued_messages.last
+    @message = current_user.queued_messages.order('created_at DESC').take
 
     render_epp_response 'epp/poll/poll_no_messages' and return unless @message
     if @message.attached_obj_type && @message.attached_obj_id
diff --git a/app/controllers/registrant/domain_delete_confirms_controller.rb b/app/controllers/registrant/domain_delete_confirms_controller.rb
index d6e4666c7..59492fefb 100644
--- a/app/controllers/registrant/domain_delete_confirms_controller.rb
+++ b/app/controllers/registrant/domain_delete_confirms_controller.rb
@@ -1,5 +1,5 @@
 class Registrant::DomainDeleteConfirmsController < RegistrantController
-  skip_before_action :authenticate_user!, only: [:show, :update]
+  skip_before_action :authenticate_registrant_user!, only: [:show, :update]
   skip_authorization_check only: [:show, :update]
 
   def show
diff --git a/app/controllers/registrant/domain_update_confirms_controller.rb b/app/controllers/registrant/domain_update_confirms_controller.rb
index 413ac43ff..d0bc1e7a1 100644
--- a/app/controllers/registrant/domain_update_confirms_controller.rb
+++ b/app/controllers/registrant/domain_update_confirms_controller.rb
@@ -1,5 +1,5 @@
 class Registrant::DomainUpdateConfirmsController < RegistrantController
-  skip_before_action :authenticate_user!, only: %i[show update]
+  skip_before_action :authenticate_registrant_user!, only: %i[show update]
   skip_authorization_check only: %i[show update]
 
   def show
diff --git a/app/controllers/registrar/sessions_controller.rb b/app/controllers/registrar/sessions_controller.rb
index 8f4db9fdd..991d5cbed 100644
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@@ -115,7 +115,7 @@ class Registrar
           sign_in(:registrar_user, @user)
           flash[:notice] = t(:welcome)
           flash.keep(:notice)
-          render js: "window.location = '#{registrar_root_url}'"
+          render js: "window.location = '#{after_sign_in_path_for(@user)}'"
         when 'NOT_VALID'
           render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
         when 'EXPIRED_TRANSACTION'
diff --git a/app/views/epp/poll/poll_req.xml.builder b/app/views/epp/poll/poll_req.xml.builder
index d5da707a6..9981e8be6 100644
--- a/app/views/epp/poll/poll_req.xml.builder
+++ b/app/views/epp/poll/poll_req.xml.builder
@@ -5,7 +5,7 @@ xml.epp_head do
     end
 
     xml.tag!('msgQ', 'count' => current_user.queued_messages.count, 'id' => @message.id) do
-      xml.qDate @message.created_at.try(:iso8601)
+      xml.qDate @message.created_at.utc.xmlschema
       xml.msg @message.body
     end
 
diff --git a/test/fixtures/messages.yml b/test/fixtures/messages.yml
index 47cbdd0f2..c20a4b023 100644
--- a/test/fixtures/messages.yml
+++ b/test/fixtures/messages.yml
@@ -2,3 +2,15 @@ greeting:
   body: Welcome!
   queued: true
   registrar: bestnames
+  created_at: <%= Time.zone.parse('2010-07-04') %>
+
+domain_deleted:
+  body: Your domain has been deleted
+  queued: true
+  registrar: bestnames
+  created_at: <%= Time.zone.parse('2010-07-05') %>
+
+farewell:
+  body: Good bye!
+  queued: true
+  registrar: goodnames
\ No newline at end of file
diff --git a/test/integration/epp/poll_test.rb b/test/integration/epp/poll_test.rb
index 30ee5c769..acd75167d 100644
--- a/test/integration/epp/poll_test.rb
+++ b/test/integration/epp/poll_test.rb
@@ -1,24 +1,11 @@
 require 'test_helper'
 
 class EppPollTest < ApplicationIntegrationTest
-  def test_messages
-    post '/epp/command/poll', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_bestnames' }
-    assert_equal '1301', Nokogiri::XML(response.body).at_css('result')[:code]
-    assert_equal 1, Nokogiri::XML(response.body).css('msgQ').size
-    assert_equal 1, Nokogiri::XML(response.body).css('result').size
-  end
+  # Deliberately does not conform to RFC5730, which requires the first message to be returned
+  def test_return_latest_message_when_queue_is_not_empty
+    message = messages(:domain_deleted)
 
-  def test_no_messages
-    registrars(:bestnames).messages.delete_all(:delete_all)
-    post '/epp/command/poll', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_bestnames' }
-    assert_equal '1300', Nokogiri::XML(response.body).at_css('result')[:code]
-    assert_equal 1, Nokogiri::XML(response.body).css('result').size
-  end
-
-  private
-
-  def request_xml
-    <<-XML
+    request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
       <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
         <command>
@@ -26,5 +13,90 @@ class EppPollTest < ApplicationIntegrationTest
         </command>
       </epp>
     XML
+    post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
+    response_xml = Nokogiri::XML(response.body)
+
+    assert_equal 1301.to_s, response_xml.at_css('result')[:code]
+    assert_equal 1, response_xml.css('result').size
+    assert_equal 2.to_s, response_xml.at_css('msgQ')[:count]
+    assert_equal message.id.to_s, response_xml.at_css('msgQ')[:id]
+    assert_equal Time.zone.parse('2010-07-05').utc.xmlschema, response_xml.at_css('msgQ qDate').text
+    assert_equal 'Your domain has been deleted', response_xml.at_css('msgQ msg').text
   end
-end
+
+  def test_no_messages_in_queue
+    registrars(:bestnames).messages.delete_all(:delete_all)
+
+    request_xml =
+      <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <poll op="req"/>
+        </command>
+      </epp>
+    XML
+    post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
+    response_xml = Nokogiri::XML(response.body)
+
+    assert_equal 1300.to_s, response_xml.at_css('result')[:code]
+    assert_equal 1, response_xml.css('result').size
+  end
+
+  def test_dequeue_message
+    message = messages(:greeting)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <poll op="ack" msgID="#{message.id}"/>
+        </command>
+      </epp>
+    XML
+
+    post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
+    message.reload
+    response_xml = Nokogiri::XML(response.body)
+
+    assert_not message.queued?
+    assert_equal 1000.to_s, response_xml.at_css('result')[:code]
+    assert_equal 1, response_xml.css('result').size
+    assert_equal 1.to_s, response_xml.at_css('msgQ')[:count]
+    assert_equal message.id.to_s, response_xml.at_css('msgQ')[:id]
+  end
+
+  def test_message_of_other_registrars_cannot_be_dequeued
+    message = messages(:farewell)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <poll op="ack" msgID="#{message.id}"/>
+        </command>
+      </epp>
+    XML
+    post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
+    response_xml = Nokogiri::XML(response.body)
+    message.reload
+
+    assert message.queued?
+    assert_equal 2303.to_s, response_xml.at_css('result')[:code]
+  end
+
+  def test_message_not_found
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <poll op="ack" msgID="0"/>
+        </command>
+      </epp>
+    XML
+    post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
+    response_xml = Nokogiri::XML(response.body)
+
+    assert_equal 2303.to_s, response_xml.at_css('result')[:code]
+  end
+end
\ No newline at end of file
diff --git a/test/models/message_test.rb b/test/models/message_test.rb
index 5c557150d..ba2203d8a 100644
--- a/test/models/message_test.rb
+++ b/test/models/message_test.rb
@@ -18,4 +18,10 @@ class MessageTest < ActiveSupport::TestCase
     @message.registrar = nil
     assert @message.invalid?
   end
-end
+
+  def test_dequeue
+    @message.dequeue
+    @message.reload
+    assert_not @message.queued?
+  end
+end
\ No newline at end of file
diff --git a/test/models/whois_record_test.rb b/test/models/whois_record_test.rb
index 438ee9cc4..e86deafd9 100644
--- a/test/models/whois_record_test.rb
+++ b/test/models/whois_record_test.rb
@@ -22,7 +22,6 @@ class WhoisRecordTest < ActiveSupport::TestCase
       registrant_kind: 'priv',
       email: 'john@inbox.test',
       expire: '2010-07-05',
-      nameservers: ['ns1.bestnames.test', 'ns2.bestnames.test'],
       registrar_address: 'Main Street, New York, New York, 12345',
       dnssec_keys: [],
     }
@@ -30,6 +29,10 @@ class WhoisRecordTest < ActiveSupport::TestCase
     expected_partial_hash.each do |key, value|
       assert_equal(value, @record.generated_json[key])
     end
+
+    ['ns1.bestnames.test', 'ns2.bestnames.test'].each do |item|
+      assert(@record.generated_json[:nameservers].include?(item))
+    end
   end
 
   def test_generated_body_has_justified_disclaimer