Add documentation about how unverified members/devices are handled in encrypted rooms #78

Open
KizzyCode opened this issue Nov 2, 2023 · 0 comments
Labels
documentation Improvements or additions to documentation help wanted Extra attention is needed

KizzyCode commented Nov 2, 2023

Would it be possible to add some documentation on how unverified members are handled by default in an encrypted room? AFAIK, there are 3 reasonable possibilities:

  1. Encrypt to all members (potentially insecure, but often the only choice for large rooms)
  2. Encrypt to verified members only, ignore unverified members (secure, can lead to hard-to-debug errors for inexperienced users)
  3. Encrypt to verified members only, fail if there are unverified members (secure, forces the sender to make an explicit decision)

IMO it would be good if the current default choice is explicitly stated somewhere, because each variant could lead to unexpected side effects. (In the long run it might make sense to add switches to select the desired behavior, but this is probably much more work than a quick documentation update).

EDIT: If someone can tell me what the current behavior is, I can also create a PR to update the documentation 😊

@8go 8go added documentation Improvements or additions to documentation help wanted Extra attention is needed labels May 2, 2024
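
The three options listed in the issue, modelled as an added example (not code from the project or from the issue author) to show which devices receive the room key under each one and which users end up unable to decrypt. `Policy`, `Device`, `select_recipients`, `locked_out_users` and the sample room are hypothetical names and constructed data, not the project's API.

```python
from dataclasses import dataclass
from enum import Enum

class Policy(Enum):              # hypothetical names for the issue's options
    ENCRYPT_TO_ALL = 1           # option 1: share the key with every device
    IGNORE_UNVERIFIED = 2        # option 2: silently skip unverified devices
    FAIL_ON_UNVERIFIED = 3       # option 3: refuse to send until resolved

@dataclass(frozen=True)
class Device:
    user_id: str
    device_id: str
    verified: bool

class UnverifiedDevicesError(Exception):
    def __init__(self, devices):
        super().__init__(f"{len(devices)} unverified device(s) in room")
        self.devices = devices   # lets the caller show exactly what to verify

def select_recipients(devices, policy):
    """Return (recipients, excluded) for the room key under `policy`."""
    unverified = [d for d in devices if not d.verified]
    if policy is Policy.ENCRYPT_TO_ALL:
        return list(devices), []
    if policy is Policy.IGNORE_UNVERIFIED:
        return [d for d in devices if d.verified], unverified
    if unverified:               # FAIL_ON_UNVERIFIED: explicit sender decision
        raise UnverifiedDevicesError(unverified)
    return list(devices), []

def locked_out_users(devices, policy):
    """Users with no device receiving the key: they cannot read the message."""
    recipients, _ = select_recipients(devices, policy)
    reachable = {d.user_id for d in recipients}
    return sorted({d.user_id for d in devices} - reachable)

# Constructed sample room: alice has one verified and one unverified device,
# bob has only an unverified device.
ROOM = [
    Device("@alice:example.org", "AAAA", True),
    Device("@alice:example.org", "BBBB", False),
    Device("@bob:example.org", "CCCC", False),
]
```

Under option 2 the send succeeds while `@bob:example.org` receives no key at all, which is the hard-to-debug case the issue mentions; option 3 surfaces the same two devices as an error instead.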