Github user revans2 commented on the issue:
https://github.com/apache/storm/pull/2531
I will fix the nit, but I was also talking to some security people and I am
going to switch the signature algorithm from "HmacSHA1" to "HmacSHA256". Not
because there are any issues with SHA1, this will just make it a bit more
future proof. Also to take full advantage of a 256bit hash I am going to up
the key size to 256 bits as well.
I'll make the changes squash it and put it up again, just to be sure
everyone is OK with the final code.
---
