There is no reason.

Using SSL v2 (and even v3) is essentially as secure as using plaintext. The only use case I'd see for these old protocols would be to connect to some extremely cursed antique software which only supports these old protocols and don't allow to disable them. In that case, the person wanting to interact with said cursed software could simply use an older release of curl.

One that comes to mind is the large performance regression introduced by 3.0. Dropping 1.0.2 and 1.1.0 would be an easy decision.

Maybe for some extremely small Linux distributions like TinyCore?

Certain enterprise applications that are Hot Garbage, possibly.

if you also have BoringSSL and AWS-LC support, then I don’t see much reason to keep supporting ancient OpenSSL versions. But then, curl and Netty are used very differently.

I would keep. Curl is a good network debugging tool for websites and CDNs that do not have their preferred cipher order in good order.

just wait until you learn how slow corporate life is moving towards never OpenSSL versions. You can still get paid support from OpenSSL for at least 1.1.1 release.

I‘d hope everyone needing to keep old OpenSSL going is being paid well for it.

How does LibreSSL goes into this mix and I mean mess?

Fantastic answer

in my special experience (industry OT), if you don't cut the support, no one else will. You have to force push the updates in that kind of legacy systems