I appreciate your reply.
1) I still think SSL 2.0 should be disabled on a servers, meaning no connection allowed with its cryptographically broken key negotiation. I realize up-to-date OSs and browsers 'prefer' a better secure connection; however, Verizon (Akamai) servers still allow its use whie best security practices say to disable it.
If Verizon has concerns about refusing a connection to an SSL-2.0-only browser, I recommend using an intercept page to enlighten the customer to their vulnerability, and perhaps suggesting to them/pointing them to a fix-it page. Letting Verizon servers use an insecure protocol seems irresponsible.
2) Regardless of the foregoing, Verizon owes it to customers to eliminate the BEAST vulnerability, which is being actively exploited on the Internet as we speak.