derbyfinal2.patch looks like a good improvement to me. I'll run the regression tests and hopefully commit it later today.
Some of the fields touched in the Configuration class don't actually seem to be in use, except in the static block that initializes them. Those are jreLevel, jreLevelMajor, jreLevelMinor, dncPackageVersion and packageNameForDNC. Do you think it would be best just to get rid of them altogether?
As to the other problematic fields in Configuration, I think many of them are unused an can be removed. dncPackageConsistencyToken, which is an array, should probably be moved to NetConfiguration, in which case it could be made package-private (then it cannot be accessed by external code since the package is sealed). dncCompatibleJREVersions is another public array, but since it's only used for debugging/tracing purposes, there's probably not much harm that could be done by maliciously changing it. (The current values in dncCompatibleJREVersions are not correct, though, since the client driver no longer works with 1.3, and it does work with 1.5 and 1.6. But that's a different issue, I guess.)