I wouldn't do it simply because it breaks the normal procedure of how things work. I see no problem with the .php extension and folks are used to it. Look at the forum here. Almost every forum out there uses php along with the majority of other popular scripts run now for web sites. The general public is used to seeing it. All forms have to run through some type of "procedure". It really is not going to help you from a security standpoint to try and hide that it is a php script. It is much better to choose secure scripts.
Should work in a .htaccess file. Remember that using .htacces can put added strain on the server.
AddType application/x-httpd-php .html .htm