That means that if somebody is on 4.0 and they upgrade to 5.0, if they use > some ciphers / protocols / algorithms which are not in Corretto, it might > break their upgrade. >
If there's any risk of breaking upgrades we have to go with (2). We support a variation of JCE configurations, and I don't see we have the test coverage in place to de-risk it other than going with (2). Once the yaml configuration is in place we can then change the default in the next major version 6.0.