This is inspired by XML-Security package for XML-Signatures. But when we went from using DOM to Dom4J, we decided to write our own implementation ontop of Dom4J. While we have rewritten most things we owe a debt of gratitude for the inspiration from XML-Security. In a few cases we simply ported the apache code to dom4j. I'm not 100% sure of the copyright implications of this, if we are doing it wrong please write me and I'll rectify it.