diff --git a/app/helpers/epp/contacts_helper.rb b/app/helpers/epp/contacts_helper.rb
index ad9a4a2a9..a6b3fad23 100644
--- a/app/helpers/epp/contacts_helper.rb
+++ b/app/helpers/epp/contacts_helper.rb
@@ -10,7 +10,8 @@ module Epp::ContactsHelper
     # FIXME: Update returns 2303 update multiple times
     code = params_hash['epp']['command']['update']['update'][:id]
     @contact = Contact.where(code: code).first
-    if update_rights? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
+    #if update_rights? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
+    if owner? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
       render 'epp/contacts/update'
     else
       contact_exists?(code)
@@ -67,7 +68,8 @@ module Epp::ContactsHelper
   def validate_contact_update_request
     @ph = params_hash['epp']['command']['update']['update']
     update_attrs_present?
-    xml_attrs_present?(@ph, [['id'], %w(authInfo pw)])
+    #xml_attrs_present?(@ph, [['id'], %w(authInfo pw)])
+    xml_attrs_present?(@ph, [['id']])
   end
 
   def contact_exists?(code)
diff --git a/app/models/contact.rb b/app/models/contact.rb
index 42bb2e78b..46156d7b9 100644
--- a/app/models/contact.rb
+++ b/app/models/contact.rb
@@ -9,6 +9,7 @@ class Contact < ActiveRecord::Base
 
   has_many :domain_contacts
   has_many :domains, through: :domain_contacts
+  has_many :statuses, class_name: 'ContactStatus'
 
   # TODO: remove the x_by
   belongs_to :created_by, class_name: 'EppUser', foreign_key: :created_by_id
diff --git a/app/models/contact_status.rb b/app/models/contact_status.rb
new file mode 100644
index 000000000..71b435b78
--- /dev/null
+++ b/app/models/contact_status.rb
@@ -0,0 +1,78 @@
+class ContactStatus < ActiveRecord::Base
+  include EppErrors
+
+  belongs_to :contact
+
+  CLIENT_DELETE_PROHIBITED = 'clientDeleteProhibited'
+  SERVER_DELETE_PROHIBITED = 'serverDeleteProhibited'
+  CLIENT_HOLD = 'clientHold'
+  SERVER_HOLD = 'serverHold'
+  CLIENT_RENEW_PROHIBITED = 'clientRenewProhibited'
+  SERVER_RENEW_PROHIBITED = 'serverRenewProhibited'
+  CLIENT_TRANSFER_PROHIBITED = 'clientTransferProhibited'
+  SERVER_TRANSFER_PROHIBITED = 'serverTransferProhibited'
+  CLIENT_UPDATE_PROHIBITED = 'clientUpdateProhibited'
+  SERVER_UPDATE_PROHIBITED = 'serverUpdateProhibited'
+  INACTIVE = 'inactive'
+  OK = 'ok'
+  PENDING_CREATE = 'pendingCreate'
+  PENDING_DELETE = 'pendingDelete'
+  PENDING_RENEW = 'pendingRenew'
+  PENDING_TRANSFER = 'pendingTransfer'
+  PENDING_UPDATE = 'pendingUpdate'
+
+  SERVER_MANUAL_INZONE = 'serverManualInzone'
+  SERVER_REGISTRANT_CHANGE_PROHIBITED = 'serverRegistrantChangeProhibited'
+  SERVER_ADMIN_CHANGE_PROHIBITED = 'serverAdminChangeProhibited'
+  SERVER_TECH_CHANGE_PROHIBITED = 'serverTechChangeProhibited'
+  FORCE_DELETE = 'forceDelete'
+  DELETE_CANDIDATE = 'deleteCandidate'
+  EXPIRED = 'expired'
+
+  STATUSES = [
+    CLIENT_DELETE_PROHIBITED, SERVER_DELETE_PROHIBITED, CLIENT_HOLD, SERVER_HOLD,
+    CLIENT_RENEW_PROHIBITED, SERVER_RENEW_PROHIBITED, CLIENT_TRANSFER_PROHIBITED,
+    SERVER_TRANSFER_PROHIBITED, CLIENT_UPDATE_PROHIBITED, SERVER_UPDATE_PROHIBITED,
+    INACTIVE, OK, PENDING_CREATE, PENDING_DELETE, PENDING_RENEW, PENDING_TRANSFER,
+    PENDING_UPDATE, SERVER_MANUAL_INZONE, SERVER_REGISTRANT_CHANGE_PROHIBITED,
+    SERVER_ADMIN_CHANGE_PROHIBITED, SERVER_TECH_CHANGE_PROHIBITED, FORCE_DELETE,
+    DELETE_CANDIDATE, EXPIRED
+  ]
+
+  CLIENT_STATUSES = [
+    CLIENT_DELETE_PROHIBITED, CLIENT_HOLD, CLIENT_RENEW_PROHIBITED, CLIENT_TRANSFER_PROHIBITED,
+    CLIENT_UPDATE_PROHIBITED
+  ]
+
+  SERVER_STATUSES = [
+    SERVER_DELETE_PROHIBITED, SERVER_HOLD, SERVER_RENEW_PROHIBITED, SERVER_TRANSFER_PROHIBITED,
+    SERVER_UPDATE_PROHIBITED, SERVER_MANUAL_INZONE, SERVER_REGISTRANT_CHANGE_PROHIBITED,
+    SERVER_ADMIN_CHANGE_PROHIBITED, SERVER_TECH_CHANGE_PROHIBITED
+  ]
+
+  def epp_code_map
+    {
+      '2302' => [ # Object exists
+        [:value, :taken, { value: { obj: 'status', val: value } }]
+      ]
+    }
+  end
+
+  def server_status?
+    SERVER_STATUSES.include?(value)
+  end
+
+  def client_status?
+    CLIENT_STATUSES.include?(value)
+  end
+
+  class << self
+    def statuses_for_client
+      CLIENT_STATUSES.map { |x| x.sub('client', '') }
+    end
+
+    def statuses_for_admin
+      SERVER_STATUSES.map { |x| x.sub('server', '') }
+    end
+  end
+end
diff --git a/app/views/epp/contacts/info.xml.builder b/app/views/epp/contacts/info.xml.builder
index 8af796009..e12615c79 100644
--- a/app/views/epp/contacts/info.xml.builder
+++ b/app/views/epp/contacts/info.xml.builder
@@ -16,12 +16,17 @@ xml.epp_head do
         xml.tag!('contact:crDate', @contact.created_at)
         xml.tag!('contact:upID', @contact.up_id) if @contact.up_id
         xml.tag!('contact:upDate', @contact.updated_at) unless @contact.updated_at == @contact.created_at
+        xml.tag!('contact:ident', @contact.ident, type: @contact.ident_type)
         xml.tag!('contact:trDate', '123') if false
         if @owner
           xml.tag!('contact:authInfo') do
            xml.tag!('contact:pw', @contact.auth_info) # Doc says we have to return this but is it necessary?
           end
         end
+        # statuses
+        @contact.statuses.each do |cs|
+          xml.tag!('contact:status', s: cs.value)
+        end
         xml << render('/epp/contacts/disclosure_policy')
       end
     end
diff --git a/db/migrate/20141216075056_create_contact_statuses.rb b/db/migrate/20141216075056_create_contact_statuses.rb
new file mode 100644
index 000000000..0e56f9106
--- /dev/null
+++ b/db/migrate/20141216075056_create_contact_statuses.rb
@@ -0,0 +1,10 @@
+class CreateContactStatuses < ActiveRecord::Migration
+  def change
+    create_table :contact_statuses do |t|
+      t.string :value
+      t.string :description
+      t.belongs_to :contact
+      t.timestamps
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index fd2f36dda..2ffe6ddc0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20141203090115) do
+ActiveRecord::Schema.define(version: 20141216075056) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -59,6 +59,14 @@ ActiveRecord::Schema.define(version: 20141203090115) do
     t.boolean  "address"
   end
 
+  create_table "contact_statuses", force: true do |t|
+    t.string   "value"
+    t.string   "description"
+    t.integer  "contact_id"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
   create_table "contact_versions", force: true do |t|
     t.string   "item_type",  null: false
     t.integer  "item_id",    null: false