Comment 7 for bug 1677958

This problem can be closed .Sorry for disturbing you.For some reasons ,we do analysis on Ubuntu 16.04.,where the nghttp2 version is 1.7.1, NO SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb) exists,so we can do MITM attack.
 We find in the lastest version 1.22.0,this bug has fixed.Thank for you timely reply and patience.Also apologize for my carelessness.