Not personally, but close colleagues did a few of those. 4-5 months to get a response.
You have any experience with that nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z?
Discussion
As soon as possible, but not before the cipher is well chosen. And that should depend on actual implementation experience.
I also don't think there's much of a rush. Once there's an "official" number assigned, we recommend that clients use it. But until then the private usage number is just fine.
What is most useful I think is to have more eyes on it, which the application process should achieve. And it's nice to have things buttoned up eventually.