Github user YolandaMDavis commented on the issue:
https://github.com/apache/nifi/pull/2628
Spoke with @alopresto offline. He highlighted that is it important to
maintain control of location of secure-hash.key file in order to prevent
calling application from piping into a file that is controlled externally. We
want to keep it as secured as possible.
Concerning the documentation update recommendation that can be addressed in
a separate item.
+1
Will merge shortly---
