diff --git a/README.md b/README.md
index 2a9f903c6bf7a4214edc13ea7f077a693d6b28e5..3a56ab726851def87e9c96f896f84d33f20fdc37 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,12 @@ However, its APIs are intended to be easy to integrate with such an implementati
 
 * SDMF write, read, and verify capabilities can be parsed and serialized.
 * SDMF shares can be deserialized, decoded, and decrypted.
-  * The cryptographic integrity and authenticity is not verified.
+  * The cryptographic integrity is not verified:
+	* a share's block hashes are not checked against the share's block hash tree
+	* the root of the computed share hash tree is not checked against share's pre-computed share hash tree root
+  * The cryptographic authenticity is not verified:
+    * signatures on the data are not checked
+
 * Plaintext can be encrypted, encoded into shares, and the shares serialized to bytes.
   * Not all fields of the shares contain correctly initialized values.
   * Enough fields are correctly populated to recover the original plaintext.