Hi,
just found out that you don't sign your packages (unlike "normal" arch-dev's do).
Please sign them and provide the trusted keys.
I simply can't install packages from *some* mirror that could possibly be manipulated.
Thats a real blocker for me. I have to go back to Raspbian.
I'm using Arch on my Desktop and would love to run it on my Pi, too.
Regards,
Michael