It seems the developer just let his 1 year distribution certificate expire. This is really careless on his part and blame should not be automatically placed on Apple.
If you distribute a web app using SSL, and let your Verisign certificate expire, are you going to complain that Verisign is unfair because now your customers are getting security warnings/errors in their browsers?
The developer said "somehow my so called ‘Distribution Provisioning Profile’ has expired and seems to be the reason."
However, to me, it isn't clear that this was really the reason for his app being removed from sale.
My first two apps haven't been updated for a long time (the first was released in 2008 and the second in early 2009). The distribution provisioning profiles (and the certificates used for the profiles) expired a long time ago.
However, those two apps are still available for sale in the app-store (because my developer registration continues to be active)
It is unclear why the developer's app was removed from sale after being approved, but if the certificate/profile had been valid at approval time, that isn't the problem. If the profile had previously expired and the app had been approved in error, he should just try to resubmit it with a new provisioning profile.
If you distribute a web app using SSL, and let your Verisign certificate expire, are you going to complain that Verisign is unfair because now your customers are getting security warnings/errors in their browsers?