Developer kicked out of iOS developer program for exposing security flaw

An iOS developer by the name of Charlie Miller recently found himself rather unceremoniously kicked out of the iOS developer program. The reason behind this move? Well it seems that Charlie Miller found a security exploit in iOS that allowed the manipulation of a javascript exception in the mobile version of Safari. This javascript exception would have basically allowed malicious code to be downloaded after an app has been accepted into the iTunes App Store.

Naturally this is a can of worms that Apple would not have been too pleased about, therefore they removed his developer credentials after Charlie Miller actually created an app that demonstrated this exploit in action. Was Apple too harsh or should Charlie Miller have chosen a different route in exposing this security flaw, such as sharing it in developer forums or with Apple, instead of creating an app for it?