diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 9adc9082fc2fc2..e378b3705aaa00 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -42,7 +42,10 @@ added: v0.11.8
 -->
 
 SPKAC is a Certificate Signing Request mechanism originally implemented by
-Netscape and now specified formally as part of [HTML5's `keygen` element][].
+Netscape and was specified formally as part of [HTML5's `keygen` element][].
+
+Note that `<keygen>` is deprecated since [HTML 5.2][] and new projects
+should not use this element anymore.
 
 The `crypto` module provides the `Certificate` class for working with SPKAC
 data. The most common usage is handling output generated by the HTML5
@@ -2469,7 +2472,8 @@ the `crypto`, `tls`, and `https` modules and are generally specific to OpenSSL.
 [`verify.verify()`]: #crypto_verify_verify_object_signature_signatureformat
 [Caveats]: #crypto_support_for_weak_or_compromised_algorithms
 [Crypto Constants]: #crypto_crypto_constants_1
-[HTML5's `keygen` element]: https://www.w3.org/TR/html5/forms.html#the-keygen-element
+[HTML 5.2]: https://www.w3.org/TR/html52/changes.html#features-removed
+[HTML5's `keygen` element]: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen
 [NIST SP 800-131A]: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf
 [NIST SP 800-132]: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf
 [NIST SP 800-38D]: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf