Preventing the mixing of armhf packages
I'm making good progress on a Raspberry Pi flavored port of Debian armhf and I hope to have a significant number of packages built within a few weeks. As has been discussed within these threads is that while armv6 armhf packages can be co-mingled on a armv7 armhf system (why you would want to do that is another matter), a method must be found to prevent the casual installation of armv7 armhf packages on an armv6 armhf system. With the wrong packages, such a mistake could prevent a system from functioning.
My question is this. What's the best, user friendly way of minimizing the risk that a user of Debian armhf on the Raspberry Pi would accidentally set their sources.list file to point to the official armhf repository and start pulling down armv7 packages that will potentially corrupt their system?
My thoughts were to not include the installation of the official Debian repository public keys on the Raspberry Pi, but only include the keys for the alternative Debian armhf repository that contains packages safe for the Raspberry Pi. This wouldn't prevent someone from installing the official keys on their own, but it would at least present a barrier the user would have to intentionally pass over.
Is this a reasonable approach? Or, are there better ways of tackling the same goal?
Any thoughts or suggestions would be appreciated.