diff --git a/Gemfile b/Gemfile
index ee11fae90..878dc62bf 100644
--- a/Gemfile
+++ b/Gemfile
@@ -68,7 +68,7 @@ gem 'digidoc_client', '~> 0.2.1'
 
 # epp
 gem 'epp', '~> 1.4.2', github: 'gitlabeu/epp'
-gem 'epp-xml',   '~> 0.10.4'  # EPP XMLs
+gem 'epp-xml',   '~> 1.0.1'  # EPP XMLs
 gem 'uuidtools', '~> 2.1.4' # For unique IDs (used by the epp gem)
 
 # for importing legacy db
diff --git a/Gemfile.lock b/Gemfile.lock
index 859830bbf..9b674285f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -161,7 +161,7 @@ GEM
       nokogiri (>= 1.4.0)
       savon (>= 2.4.0)
     docile (1.1.5)
-    epp-xml (0.10.4)
+    epp-xml (1.0.1)
       activesupport (~> 4.1)
       builder (~> 3.2)
     equalizer (0.0.11)
@@ -512,7 +512,7 @@ DEPENDENCIES
   devise (~> 3.4.1)
   digidoc_client (~> 0.2.1)
   epp (~> 1.4.2)!
-  epp-xml (~> 0.10.4)
+  epp-xml (~> 1.0.1)
   fabrication (~> 2.12.2)
   faker (~> 1.3.0)
   figaro (~> 1.1.0)
diff --git a/spec/epp/contact_spec.rb b/spec/epp/contact_spec.rb
index 19a0a3d0d..02540e109 100644
--- a/spec/epp/contact_spec.rb
+++ b/spec/epp/contact_spec.rb
@@ -939,15 +939,6 @@ describe 'EPP Contact', epp: true do
         end
       end
     end
-
-    context 'renew command' do
-      it 'returns 2101-unimplemented command' do
-        response = epp_plain_request('contacts/renew.xml')
-
-        response[:msg].should == 'Unimplemented command'
-        response[:result_code].should == '2101'
-      end
-    end
   end
 
   def check_multiple_contacts_xml
diff --git a/spec/epp/requests/contacts/renew.xml b/spec/epp/requests/contacts/renew.xml
deleted file mode 100644
index aeffaa569..000000000
--- a/spec/epp/requests/contacts/renew.xml
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-  <epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
-    <command>
-      <renew>
-        <contact:renew
-         xmlns:contact="urn:ietf:params:xml:ns:contact-1.0">
-          <contact:id>info-4444</contact:id>
-          <contact:authInfo>
-            <contact:pw>2fooBAR</contact:pw>
-          </contact:authInfo>
-       </contact:renew>
-      </renew>
-      <clTRID>ABC-12345</clTRID>
-    </command>
-  </epp>
diff --git a/spec/epp/session_spec.rb b/spec/epp/session_spec.rb
index 4f4cde6c4..cdc36d2ee 100644
--- a/spec/epp/session_spec.rb
+++ b/spec/epp/session_spec.rb
@@ -5,6 +5,7 @@ describe 'EPP Session', epp: true do
     @api_user = Fabricate(:gitlab_api_user)
     @epp_xml = EppXml.new(cl_trid: 'ABC-12345')
     @login_xml_cache = @epp_xml.session.login(clID: { value: 'gitlab' }, pw: { value: 'ghyt9e4fu' })
+    @xsd = Nokogiri::XML::Schema(File.read('doc/schemas/epp-1.0.xsd'))
   end
 
   context 'when not connected' do
@@ -40,14 +41,15 @@ describe 'EPP Session', epp: true do
     end
 
     it 'prohibits further actions unless logged in' do
-      response = epp_plain_request(@epp_xml.domain.create, :xml)
+      @xsd = Nokogiri::XML::Schema(File.read('doc/schemas/domain-1.0.xsd'))
+      response = epp_plain_request(@epp_xml.domain.info(name: { value: 'test.ee' }), :xml)
       response[:msg].should == 'You need to login first.'
       response[:result_code].should == '2002'
       response[:clTRID].should == 'ABC-12345'
     end
 
     it 'should not have clTRID in response if client does not send it' do
-      epp_xml_no_cltrid = EppXml.new(cl_trid: '')
+      epp_xml_no_cltrid = EppXml.new(cl_trid: false)
       wrong_user = epp_xml_no_cltrid.session.login(clID: { value: 'wrong-user' }, pw: { value: 'ghyt9e4fu' })
       response = epp_plain_request(wrong_user, :xml)
       response[:clTRID].should be_nil
@@ -115,7 +117,22 @@ describe 'EPP Session', epp: true do
           clID: { value: 'gitlab' },
           pw: { value: 'ghyt9e4fu' },
           newPW: { value: '' }
-        ), :xml)
+        ), validate_input: false)
+
+        response[:msg].should == 'Password is missing [password]'
+        response[:result_code].should == '2306'
+
+        @api_user.reload
+        @api_user.password.should == 'ghyt9e4fu'
+      end
+
+      it 'fails if new password is not valid' do
+        @api_user.update(password: 'ghyt9e4fu')
+        response = epp_plain_request(@epp_xml.session.login(
+          clID: { value: 'gitlab' },
+          pw: { value: 'ghyt9e4fu' },
+          newPW: { value: '' }
+        ), validate_input: false)
 
         response[:msg].should == 'Password is missing [password]'
         response[:result_code].should == '2306'
diff --git a/spec/support/epp.rb b/spec/support/epp.rb
index f877bfc2f..9673b8db7 100644
--- a/spec/support/epp.rb
+++ b/spec/support/epp.rb
@@ -66,15 +66,27 @@ module Epp
   end
 
   def epp_plain_request(data, *args)
-    res = parse_response(server.send_request(data)) if args.include?(:xml)
-    if res
-      log(data, res[:parsed])
-      return res
+    options = args.extract_options!
+    validate_input = options[:validate_input] != false # true by default
+    validate_output = options[:validate_output] != false # true by default
+
+    if validate_input && @xsd
+      xml = Nokogiri::XML(data)
+      @xsd.validate(xml).each do |error|
+        fail Exception.new, error.to_s
+      end
     end
 
-    res = parse_response(server.send_request(read_body(data)))
-    log(read_body(data), res[:parsed])
-    return res
+    res = parse_response(server.send_request(data))
+    if res
+      log(data, res[:parsed])
+      if validate_output && @xsd
+        @xsd.validate(Nokogiri(res[:raw])).each do |error|
+          fail Exception.new, error.to_s
+        end
+      end
+      return res
+    end
   rescue => e
     e
   end
@@ -127,7 +139,7 @@ module Epp
 
     xml_params = defaults.deep_merge(xml_params)
 
-    epp_xml = EppXml::Domain.new(cl_trid: '')
+    epp_xml = EppXml::Domain.new(cl_trid: false)
     epp_xml.info(xml_params)
   end