Small updates to README.md file
I found some additional bits of information might help doing a full
security review of the extension. I'm intentionally uploading this as
a separate patch instead of having lots of comments on the original
patch I977164e. But feel free to discuss this patch. Now that we have
a baseline merged I believe it is fine to discuss details.