I appreciate the clarification; had the announcement contained something to that effect ("We realize that production releases need GPG signatures and secure distribution channels, but we want to get this build out for early testing by devs and we're still ironing out the aforementioned distribution procedures"), I'd not have had any complaint at all.
Unfortunately, without that notice, my first thought was "why is it linking me to an HTTP site". The notice prevents visitors like me from guessing as to why that is by setting the appropriate context and letting us know you're aware of the right steps but they aren't feasible right now.
It's not the state of the software itself that's being questioned here. It's how security wasn't put first and foremost in this case. Putting an extraordinarily high degree of emphasis on security is something a lot of us have come to expect from OpenBSD and related projects. Security comes first, even if that means waiting a bit longer for an official release, or something like that.
While LibreSSL does appear to be going in the right direction, especially after the disastrous few months that OpenSSL has had, the community at large does want to be reassured that the LibreSSL project truly does revere security. A more security-conscious release in this case would have helped with that.
Unfortunately, without that notice, my first thought was "why is it linking me to an HTTP site". The notice prevents visitors like me from guessing as to why that is by setting the appropriate context and letting us know you're aware of the right steps but they aren't feasible right now.