[sdinsn]

> now it's completely gone.

...From newer versions. Old JDK versions have been kept the same, and Java 7 & 8 are still in heavy use.

> you can now only get support for JWS if you pay or if you go through a third-party.

Not everyone needs enterprise support.

[chrisseaton]

> Old JDK versions have been kept the same, and Java 7 & 8 are still in heavy use.

But they aren't getting free security updates.

> Not everyone needs enterprise support.

Run it without security patches? That's suicidal for a system like JWS.

Or do you think there's some option that is still support but not specifically enterprise and doesn't cost anything? I would take a look at who historically contributes security patches to OpenJDK and think about if you free vendor really has the expertise you think they do to keep up with security attacks.

[sdinsn]

> Or do you think there's some option that is still support but not specifically enterprise and doesn't cost anything?

Yes, Amazon backports security updates to Amazon Corretto (fork of OpenJDK 8 and 11)

[chrisseaton]

> Amazon backports security updates to Amazon Corretto

There's a flaw in your logic there...

JWS is gone in new versions, so there aren't any security updates for it in the newer versions either.

You can't backport a patch which hasn't been written.