Apparently it's quite widespread, so I would assume a bug on their side. That's what support seemed to imply at least. We're still blocked at my company for one month+ now.
Apparently it's quite widespread, so I would assume a bug on their side. That's what support seemed to imply at least. We're still blocked at my company for one month+ now.
With Microsoft, I assume malice AND negligence first. The hostility they've shown toward their own users tells you everything you need to know.
"so I would assume a bug on their side"
Why a "bug".
I doubt someone manually went and flagged all the accounts as invalid suddenly or whatever and that was their goal. By a bug I mean some kind of automated action that did not produce the expected outcome.
Also because, at least on our side, the account was in an inconsistent state: we were correctly enrolled/validated, but could not access the signing interface.
For something like this, I would generalize a "bug" to encompass both software and human processes. Some decision-maker saw some metrics consistent with spam and enacted a spam-blocking measure. Any decision like this is going to lead to false positives. Maybe they decided "I don't need to confer with anyone", or maybe they did and got the green light even after multiple eyeballs looked at it. I'm not saying that this does any good for Microsoft's already-sullied trust, but mistakes happen and combating spam is a constantly evolving arms race. There's no way any organization is going to get it 100% of the time even after decades of dealing with it.