Address emlun's comments

index.bs

@@ -1928,12 +1928,16 @@ a numbered step. If outdented, it (today) is rendered as a bullet in the midst o
 1. If <code>|options|.{{CredentialRequestOptions/mediation}}</code> is present with the value
      {{CredentialMediationRequirement/conditional}}:
 
-    1. If |conditionalCreateLifetimeTimer| is expired or |conditionalCreateOrigin| is not |callerOrigin|, throw a "{{NotAllowedError}}" {{DOMException}}.
+    1. If the user agent has not recently mediated an authentication, the origin of said authentication is not |callerOrigin|, or the user
+    does not consent to this type of credential creation, throw a "{{NotAllowedError}}" {{DOMException}}.
 
-    Note: |conditionalCreateLifetimeTimer| and |conditionalCreateOrigin| will be set by the user agent after it believes an authentication ceremony has
-    been completed and the user consents to this type of credential creation.
+    Note: The user agent will note when it believes an authentication ceremony has
+    been completed.
 
-    1. Set |lifetimeTimer| to a client-specific default.
+    1. If <code>|pkOptions|.{{PublicKeyCredentialRequestOptions/timeout}}</code> is present, check if its value lies
+        within a reasonable range as defined by the [=client=] and if not, correct it to the closest value lying within that range.
+        Set a timer |lifetimeTimer| to this adjusted value. If <code>|pkOptions|.{{PublicKeyCredentialRequestOptions/timeout}}</code>
+        is not present, then set |lifetimeTimer| to a [=client=]-specific default.
 
 1. Consider the value of {{PublicKeyCredentialCreationOptions/hints}} and craft the user interface accordingly, as the user-agent sees fit.