I agree in general, but calling it uncool and laying any blame on the person reporting is not fair.
You may know the protocol, security researchers and people in the tech industry may know that, but why is an ordinary Joe expected to know, or research, that email address and/or the protocol regarding 0-day vulnerabilities.
I'd argue that even to the ordinary Joe it should be quite logical that disclosing something publicly before the company has had a chance to fix it means that nefarious people could learn about the exploit and use it against victims.
It's the same logical line of thought that leads people into turning wallets into the lost and found (or an authority) instead of just pointing at it on the ground shouting "hey look, a wallet!" then walking away.
You may know the protocol, security researchers and people in the tech industry may know that, but why is an ordinary Joe expected to know, or research, that email address and/or the protocol regarding 0-day vulnerabilities.