From 34ade3c1ac66916430cc7e20ad3e7bb0d2518a2a Mon Sep 17 00:00:00 2001 From: Hugh Nimmo-Smith Date: Wed, 3 Sep 2025 17:48:44 +0100 Subject: [PATCH] Min and mix rendezvous timeouts See https://github.com/matrix-org/matrix-spec-proposals/pull/4108#discussion_r1575855901 --- proposals/4108-oidc-qr-login.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/proposals/4108-oidc-qr-login.md b/proposals/4108-oidc-qr-login.md index 6282788a3..8009811a0 100644 --- a/proposals/4108-oidc-qr-login.md +++ b/proposals/4108-oidc-qr-login.md @@ -226,13 +226,16 @@ The server enforce a maximum payload size of 4KB. ###### Maximum duration of a rendezvous -The rendezvous session needs to persist for the duration of the login. So a timeout such as 60 seconds should be adequate. - -It does need to allow the user another time to confirm that the secure channel has been established and complete any extra -homeserver mandated login steps such as MFA. +The rendezvous session needs to persist for the duration of the login including allowing the user another time to +confirm that the secure channel has been established and complete any extra homeserver mandated login steps such as MFA. Clients should handle the case of the rendezvous session being cancelled or timed out by the server. +The server MUST enforce a timeout on each rendezvous. When picking a value to use: + +- the minimum timeout SHOULD be 120 seconds for usability +- the maximum timeout SHOULD be 300 seconds for security + ###### ETags The ETag generated should be unique to the rendezvous session and the last modified time so that two clients can
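Review bot: the new normative paragraph ("The server MUST enforce a timeout on each rendezvous") does not say what the timeout is measured from, so the 120 to 300 second range can be read either as an absolute lifetime from rendezvous creation or as an inactivity window reset on every update; since the very next section ties ETags to the last modified time, the text should state which is intended (for example "measured from the creation of the rendezvous"), because a sliding window that is refreshed by each PUT undermines the security rationale given for the 300 second cap. Smaller points in the same hunk: "allowing the user another time to confirm" should read "allowing the user enough time to confirm", "homeserver mandated login steps" wants a hyphen ("homeserver-mandated"), and the unchanged context line "The server enforce a maximum payload size of 4KB." should be "enforces" while this section is being edited.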