diff --git a/server/appengine/sigserver/build.xml b/server/appengine/sigserver/build.xml
deleted file mode 100644
index 73b050a0a..000000000
--- a/server/appengine/sigserver/build.xml
+++ /dev/null
@@ -1,62 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/server/appengine/sigserver/lib/bcpg-jdk15-145.jar b/server/appengine/sigserver/lib/bcpg-jdk15-145.jar
deleted file mode 100644
index 32a52786e..000000000
Binary files a/server/appengine/sigserver/lib/bcpg-jdk15-145.jar and /dev/null differ
diff --git a/server/appengine/sigserver/lib/bcprov-jdk15-145.jar b/server/appengine/sigserver/lib/bcprov-jdk15-145.jar
deleted file mode 100644
index 409070b03..000000000
Binary files a/server/appengine/sigserver/lib/bcprov-jdk15-145.jar and /dev/null differ
diff --git a/server/appengine/sigserver/lib/gson-1.6.jar b/server/appengine/sigserver/lib/gson-1.6.jar
deleted file mode 100644
index 4f7970541..000000000
Binary files a/server/appengine/sigserver/lib/gson-1.6.jar and /dev/null differ
diff --git a/server/appengine/sigserver/src/org/camlistore/sigserver/SignServlet.java b/server/appengine/sigserver/src/org/camlistore/sigserver/SignServlet.java
deleted file mode 100644
index e93b77bfb..000000000
--- a/server/appengine/sigserver/src/org/camlistore/sigserver/SignServlet.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package org.camlistore.sigserver;
-
-import java.io.IOException;
-import javax.servlet.http.*;
-
-public class SignServlet extends HttpServlet {
- public void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws IOException {
- resp.setContentType("text/plain");
- resp.getWriter().println("Hello, world");
- }
-}
diff --git a/server/appengine/sigserver/src/org/camlistore/sigserver/VerifyServlet.java b/server/appengine/sigserver/src/org/camlistore/sigserver/VerifyServlet.java
deleted file mode 100644
index 703965636..000000000
--- a/server/appengine/sigserver/src/org/camlistore/sigserver/VerifyServlet.java
+++ /dev/null
@@ -1,138 +0,0 @@
-package org.camlistore.sigserver;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.SignatureException;
-import java.util.Enumeration;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-import javax.servlet.http.*;
-
-import com.google.gson.JsonObject;
-import com.google.gson.JsonParseException;
-import com.google.gson.JsonPrimitive;
-import com.google.gson.JsonParser;
-import org.bouncycastle.bcpg.ArmoredInputStream;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPObjectFactory;
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
-import org.bouncycastle.openpgp.PGPSignature;
-import org.bouncycastle.openpgp.PGPSignatureList;
-import org.bouncycastle.openpgp.PGPUtil;
-
-public class VerifyServlet extends HttpServlet {
- private Logger log = Logger.getLogger(VerifyServlet.class.getName());
-
- public void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws IOException {
-
- String sjson = req.getParameter("sjson");
- String keyArmored = req.getParameter("keyarmored"); // Non-standard
-
- resp.setContentType("text/plain");
-
- // Validate the signed JSON object and extract the signature and signer.
- int sigIndex = sjson.lastIndexOf(",\"camliSig\":\"");
- if (sigIndex == -1) {
- resp.getWriter().println("Missing camli object signature");
- return;
- }
-
- String sigJson = "{" + sjson.substring(sigIndex + 1);
- JsonObject sigObj;
- try {
- sigObj = (new JsonParser()).parse(sigJson).getAsJsonObject();
- } catch (JsonParseException e) {
- e.printStackTrace();
- resp.getWriter().println("Invalid JSON signature object: " + e);
- return;
- } catch (IllegalStateException e) {
- e.printStackTrace();
- resp.getWriter().println("Invalid JSON signature object: " + e);
- return;
- }
- if (sigObj.entrySet().size() > 1) {
- resp.getWriter().println(
- "Signature object contains more than 'camliSig':\n" + sigJson);
- return;
- }
- JsonPrimitive sigPrimative = sigObj.getAsJsonPrimitive("camliSig");
- if (sigPrimative == null) {
- resp.getWriter().println("'camliSig' missing from top-level");
- return;
- }
- String camliSig;
- try {
- camliSig = sigPrimative.getAsString();
- } catch (ClassCastException e) {
- e.printStackTrace();
- resp.getWriter().println("Invalid 'camliSig' value: " + e);
- return;
- }
-
- String camliJson = sjson.substring(0, sigIndex) + "}";
- JsonObject camliObj;
- try {
- camliObj = (new JsonParser()).parse(sjson).getAsJsonObject();
- } catch (JsonParseException e) {
- e.printStackTrace();
- resp.getWriter().println("Invalid JSON object: " + e);
- return;
- } catch (IllegalStateException e) {
- e.printStackTrace();
- resp.getWriter().println("Invalid JSON object: " + e);
- return;
- }
- JsonPrimitive signerPrimative = camliObj.getAsJsonPrimitive("camliSigner");
- if (signerPrimative == null) {
- resp.getWriter().println("'camliSigner' missing from top-level");
- return;
- }
- String camliSigner;
- try {
- camliSigner = signerPrimative.getAsString();
- } catch (ClassCastException e) {
- resp.getWriter().println("Invalid 'camliSigner' value: " + e);
- return;
- }
-
- log.info("camliSig='" + camliSig + "', " +
- "camliSigner='" + camliSigner + "', " +
- "keyArmored='" + keyArmored + "'");
-
- // Most of this code originally from the Bouncy Castle PGP example app.
- try {
- PGPObjectFactory pgpFactory = new PGPObjectFactory(
- new ArmoredInputStream(
- new ByteArrayInputStream(camliSig.getBytes("UTF-8")),
- false));
- PGPSignatureList signatureList = (PGPSignatureList) pgpFactory.nextObject();
- PGPSignature sig = signatureList.get(0);
- log.info("Signature found: " + sig);
-
- PGPPublicKeyRingCollection pubKeyRing =
- new PGPPublicKeyRingCollection(
- new ArmoredInputStream(
- new ByteArrayInputStream(keyArmored.getBytes("UTF-8"))));
- PGPPublicKey key = pubKeyRing.getPublicKey(sig.getKeyID());
-
- // NOTE(bslatkin): Can't use BouncyCastle's security provider for crypto
- // operations because of App Engine bug. Doh.
- // http://code.google.com/p/googleappengine/issues/detail?id=1612
- sig.initVerify(key, new BouncyCastleProvider());
- sig.update(camliJson.getBytes("UTF-8"));
- resp.getWriter().println(sig.verify() ? "YES" : "NO");
- } catch (IOException e) {
- log.log(Level.SEVERE, "Input problem", e);
- resp.getWriter().println("Input problem: " + e);
- } catch (PGPException e) {
- log.log(Level.SEVERE, "PGP problem", e);
- resp.getWriter().println("PGP problem: " + e);
- } catch (SignatureException e) {
- log.log(Level.SEVERE, "Signature problem", e);
- resp.getWriter().println("Signature problem: " + e);
- }
- }
-}
diff --git a/server/appengine/sigserver/test_key_password.txt b/server/appengine/sigserver/test_key_password.txt
deleted file mode 100644
index 30d74d258..000000000
--- a/server/appengine/sigserver/test_key_password.txt
+++ /dev/null
@@ -1 +0,0 @@
-test
\ No newline at end of file
diff --git a/server/appengine/sigserver/test_private_key.txt b/server/appengine/sigserver/test_private_key.txt
deleted file mode 100644
index 3e2fac5d6..000000000
--- a/server/appengine/sigserver/test_private_key.txt
+++ /dev/null
@@ -1,35 +0,0 @@
------BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
-
-lQH+BE07cOIBBADTiCllLdf8M8hOQlIRq5lyQdhX558hFIb38uciWXp5AfunqEAb
-xXiM2Enk87EJTEzItUtv7ID3E7kKSqB38XJQqQzL14VDW6Nid5nya5GcHYx49wYe
-hSo9ktIUOplkWrPH4D+Ty6KXkieMQZ18xdk1fl7nQDZJaeNXIJQHiKNxEQARAQAB
-/gMDAiuPXA+l3ORRYBgyD6g2k6ootIBSvOG41aMS256sgkkMm2gRDqEhTvgocEHY
-I+2IXpiLfYVND3qbVp8Loxd0MF7cCEp8MQ81b0W9UIrUaevXmNjQsAmeEJj7r1yp
-R+BEG7kZxe+KZWJQWVNpKbE15XNEItBqLAfq9Az5ivgejm+uhn7oIYPkHH/8w7xK
-/JYfVRrB17fzIl7hR8UkvI/rFeyK8aFdl6X9jjb1m+4I9aa9XNc/QWBSIaCo8ffP
-H85RiFHeDAFanBi8r9sME5F3ZwH6l9JSiGBo3a7XLoM4mOmD6nLHX51MjNnggCjE
-mBYOdH6AJJanLBUjvFXliipX/6E4Ynodp/hk/IeolJtZyeooRCYk174eePYjVsUp
-zh7q/6yLuhSbsmaCndcftN/bYYjT6NStlmkY3FnRhs8Op8jKhDf+hLIwlm2aztUo
-O2rr9Pw71J6ZhRhjrMruFMqisp24DPQ6UoXo6OLIX+rWtClUZXN0IEtleSAoRm9y
-IHRlc3RpbmcpIDx0ZXN0QGV4YW1wbGUuY29tPoi4BBMBAgAiBQJNO3DiAhsDBgsJ
-CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCLTbKtgJM85PJWA/9oPLLlhyn7uYCw
-8xlh8CbNANXyEiQJJLfL6xsaXI1lFcAm7Y/ET+Un7FOvEwUcNLtxPLxpQtD52Gmx
-8vQ2PI9evUUqdNWEK7E5ZoSx1BJAD2mlSjLl+rME+GJQXYnZj/3BVPTdJGFLT8Of
-3lEpmVtrB19omE4dhAYXNlExA7y8q50B/gRNO3DiAQQAzInHYdrRHC7i4e4wYLly
-0B/52adRQTyJ3RuC/hdBOdQBcTs3d20a3O/Y1pfzfoUcZCNeZbLSrpIT4Ljqubt4
-J9KF/Fds/HUXsHLAAio/g5p+i0v8luB48JuL+alPtYVG6UNjp/NcaDeHBcb2F/NY
-/9VBUa9dwkbnxhM9sMYgAEcAEQEAAf4DAwIrj1wPpdzkUWD9iXyvzQ6HCfMFdu6d
-7J3Qtl6U5oWDGseNczNBhP9Hw/Gj/rrmS2Q4ssfLCHEYmkSn6VojppolMO3cP7pH
-bxw1+NXKrtHnWF+AxrGjIal7vCAEHp8KcLjjFxnvHhPxfT5GX7NYu+HIP4a9EWlJ
-qXm8sjvq5EDDN4JZKNUhuYeKTBuZOba9XSAS0PblERueoOJuMX86FBe1NtIYZSj+
-Vprt0ZBmLmvSbXzh329eMJ7IlSOGva9siBMiUF1fEqKWw1tim2e5Ujw9xLeqhj0Z
-GeqVfaNWFXQsTooClxG4xal1ujX5N+l4cX4Q6Q3HPNFYPyj1MPv0IQmYtxrzJsdv
-yIyC91vZ3tUgMEvsOte8p1ixhmpzoksfGNpmmLVLSA5dn9U96zX7l/lBQddXD51t
-fHSA70Q42G/jU4W9JQOunrJRr12vKUufxuovIG8pU1BjXDzn8elArdnQjtJWhs8o
-BPoVwfgKloifBBgBAgAJBQJNO3DiAhsMAAoJEItNsq2AkzzkwE0D/0YC2OsJMWp8
-BJxdU5JI2F3c5ueXAT1FZJumfrebG50jE1CguziRxnXd1CxyZ8Lc/4g77qVKo8Vl
-IFyl9D2F7kK7AUUrKzagQfaPFMh7crqjySJcarz2YcKfCVvfJJNBhP3dDMGAsciu
-blbcSKSWFiohB1u1uaXuZAht+cuZ4YJs
-=JQkK
------END PGP PRIVATE KEY BLOCK-----
diff --git a/server/appengine/sigserver/test_public_key.txt b/server/appengine/sigserver/test_public_key.txt
deleted file mode 100644
index b0763df91..000000000
--- a/server/appengine/sigserver/test_public_key.txt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
-
-mI0ETTtw4gEEANOIKWUt1/wzyE5CUhGrmXJB2FfnnyEUhvfy5yJZenkB+6eoQBvF
-eIzYSeTzsQlMTMi1S2/sgPcTuQpKoHfxclCpDMvXhUNbo2J3mfJrkZwdjHj3Bh6F
-Kj2S0hQ6mWRas8fgP5PLopeSJ4xBnXzF2TV+XudANklp41cglAeIo3ERABEBAAG0
-KVRlc3QgS2V5IChGb3IgdGVzdGluZykgPHRlc3RAZXhhbXBsZS5jb20+iLgEEwEC
-ACIFAk07cOICGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEItNsq2Akzzk
-8lYD/2g8suWHKfu5gLDzGWHwJs0A1fISJAkkt8vrGxpcjWUVwCbtj8RP5SfsU68T
-BRw0u3E8vGlC0PnYabHy9DY8j169RSp01YQrsTlmhLHUEkAPaaVKMuX6swT4YlBd
-idmP/cFU9N0kYUtPw5/eUSmZW2sHX2iYTh2EBhc2UTEDvLyruI0ETTtw4gEEAMyJ
-x2Ha0Rwu4uHuMGC5ctAf+dmnUUE8id0bgv4XQTnUAXE7N3dtGtzv2NaX836FHGQj
-XmWy0q6SE+C46rm7eCfShfxXbPx1F7BywAIqP4OafotL/JbgePCbi/mpT7WFRulD
-Y6fzXGg3hwXG9hfzWP/VQVGvXcJG58YTPbDGIABHABEBAAGInwQYAQIACQUCTTtw
-4gIbDAAKCRCLTbKtgJM85MBNA/9GAtjrCTFqfAScXVOSSNhd3ObnlwE9RWSbpn63
-mxudIxNQoLs4kcZ13dQscmfC3P+IO+6lSqPFZSBcpfQ9he5CuwFFKys2oEH2jxTI
-e3K6o8kiXGq89mHCnwlb3ySTQYT93QzBgLHIrm5W3EiklhYqIQdbtbml7mQIbfnL
-meGCbA==
-=5YOm
------END PGP PUBLIC KEY BLOCK-----
diff --git a/server/appengine/sigserver/war/WEB-INF/appengine-web.xml b/server/appengine/sigserver/war/WEB-INF/appengine-web.xml
deleted file mode 100644
index 1e496ab60..000000000
--- a/server/appengine/sigserver/war/WEB-INF/appengine-web.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-
-
- camlisig
- 1
-
diff --git a/server/appengine/sigserver/war/WEB-INF/web.xml b/server/appengine/sigserver/war/WEB-INF/web.xml
deleted file mode 100644
index a77a25e0d..000000000
--- a/server/appengine/sigserver/war/WEB-INF/web.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-
-
-
-
- signservlet
- org.camlistore.sigserver.SignServlet
-
-
- verifyservlet
- org.camlistore.sigserver.VerifyServlet
-
-
- signservlet
- /camli/sig/sign
-
-
- verifyservlet
- /camli/sig/verify
-
-
- index.html
-
-
diff --git a/server/appengine/sigserver/war/index.html b/server/appengine/sigserver/war/index.html
deleted file mode 100644
index bdbf734b7..000000000
--- a/server/appengine/sigserver/war/index.html
+++ /dev/null
@@ -1,25 +0,0 @@
-
-
- Test /camli/sig/*
-
-
-
-Verify
-
-
-
-