diff --git a/README.md b/README.md
index a90356bca98fed92d13146fed2990fc436e02946..642b7cdba59b3eaed0caa4586e0bea38963d7c54 100644
--- a/README.md
+++ b/README.md
@@ -293,8 +293,10 @@ configured with the following attributes:
 The known queries are identified by name. It does not matter what
 operations you do as long as the queries take the expected input
 substitution parameters, and return rows with the expected number of
-fields (column names do not matter). You should use the parameter
-substitution symbol `?` as placeholder for query parameters.
+fields (column names do not matter). Note that the order of returned
+columns is critical, and it should match what is documented here. You
+should use the parameter substitution symbol `?` as placeholder for
+query parameters.
 
 * `get_user` takes a single parameter (the user name) and must return
   a single row with *email*, *password*, *TOTP secret* and *shard*
@@ -334,12 +336,12 @@ CREATE TABLE group_memberships (
     group_name text NOT NULL
 );
 CREATE INDEX group_memberships_idx ON group_memberships(email);
-CREATE TABLE u2f_registrations (
+CREATE TABLE webauthn_registrations (
     email text NOT NULL,
     key_handle blob NOT NULL,
     public_key blob NOT NULL
 );
-CREATE INDEX u2f_registrations_idx ON u2f_registrations(email);
+CREATE INDEX webauthn_registrations_idx ON webauthn_registrations(email);
 CREATE TABLE service_passwords (
     email text NOT NULL,
     service text NOT NULL,
@@ -348,6 +350,9 @@ CREATE TABLE service_passwords (
 CREATE INDEX service_passwords_idx ON service_passwords(email);
 ```
 
+(Note: this isn't a great schema example due to the lack of
+referential integrity, it's just useful as an example)
+
 With this schema, one could use the following configuration for a
 service:
 
@@ -361,7 +366,7 @@ services:
           queries:
             get_user: "SELECT email, password, totp_secret, shard FROM users WHERE email = ?"
             get_user_groups: "SELECT group_name FROM group_memberships WHERE email = ?"
-            get_user_u2f: "SELECT public_key, key_handle FROM u2f_registrations WHERE email = ?"
+            get_user_u2f: "SELECT public_key, key_handle FROM webauthn_registrations WHERE email = ?"
             get_user_asp: "SELECT service, password FROM service_passwords WHERE email = ?"
 ```