diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
index c6837f3b9f..9da067799e 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
@@ -39,9 +39,7 @@ class FormLoginFactory implements SecurityFactoryInterface
 
         // add remember-me tag
         $rememberMe = true;
-        if (isset($config['remember-me']) && false === $config['remember-me']) {
-            $rememberMe = false;
-        } else if (isset($config['remember_me']) && false === $config['remember_me']) {
+        if (isset($config['remember_me']) && false === $config['remember_me']) {
             $rememberMe = false;
         }
         if ($rememberMe) {
@@ -69,18 +67,12 @@ class FormLoginFactory implements SecurityFactoryInterface
 
         // success handler
         if (isset($config['success_handler'])) {
-            $config['success-handler'] = $config['success_handler'];
-        }
-        if (isset($config['success-handler'])) {
-            $listener->setArgument(5, new Reference($config['success-handler']));
+            $listener->setArgument(5, new Reference($config['success_handler']));
         }
 
         // failure handler
         if (isset($config['failure_handler'])) {
-            $config['failure-handler'] = $config['failure_handler'];
-        }
-        if (isset($config['failure-handler'])) {
-            $listener->setArgument(6, new Reference($config['failure-handler']));
+            $listener->setArgument(6, new Reference($config['failure_handler']));
         }
 
         // form entry point
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
index f02295cf3f..c488ca889d 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -38,14 +38,14 @@ class SecurityExtension extends Extension
     public function configLoad(array $configs, ContainerBuilder $container)
     {
         foreach ($configs as $config) {
-            $this->doConfigLoad($config, $container);
+            $this->doConfigLoad($this->normalizeKeys($config), $container);
         }
     }
 
     public function aclLoad(array $configs, ContainerBuilder $container)
     {
         foreach ($configs as $config) {
-            $this->doAclLoad($config, $container);
+            $this->doAclLoad($this->normalizeKeys($config), $container);
         }
     }
 
@@ -67,16 +67,13 @@ class SecurityExtension extends Extension
             $loader->load('collectors.xml');
         }
 
-        if (isset($config['access-denied-url'])) {
-            $container->setParameter('security.access.denied_url', $config['access-denied-url']);
+        if (isset($config['access_denied_url'])) {
+            $container->setParameter('security.access.denied_url', $config['access_denied_url']);
         }
 
         // session fixation protection
         if (isset($config['session_fixation_protection'])) {
-            $config['session-fixation-protection'] = $config['session_fixation_protection'];
-        }
-        if (isset($config['session-fixation-protection'])) {
-            $container->setParameter('security.authentication.session_strategy.strategy', $config['session-fixation-protection']);
+            $container->setParameter('security.authentication.session_strategy.strategy', $config['session_fixation_protection']);
         }
 
         $this->createFirewalls($config, $container);
@@ -91,8 +88,6 @@ class SecurityExtension extends Extension
         $roles = array();
         if (isset($config['role_hierarchy'])) {
             $roles = $config['role_hierarchy'];
-        } elseif (isset($config['role-hierarchy'])) {
-            $roles = $config['role-hierarchy'];
         }
 
         if (isset($roles['role']) && is_int(key($roles['role']))) {
@@ -123,8 +118,6 @@ class SecurityExtension extends Extension
         $rules = array();
         if (isset($config['access_control'])) {
             $rules = $config['access_control'];
-        } elseif (isset($config['access-control'])) {
-            $rules = $config['access-control'];
         }
 
         if (isset($rules['rule']) && is_array($rules['rule'])) {
@@ -134,9 +127,7 @@ class SecurityExtension extends Extension
         foreach ($rules as $i => $access) {
             $roles = isset($access['role']) ? (is_array($access['role']) ? $access['role'] : preg_split('/\s*,\s*/', $access['role'])) : array();
             $channel = null;
-            if (isset($access['requires-channel'])) {
-                $channel = $access['requires-channel'];
-            } elseif (isset($access['requires_channel'])) {
+            if (isset($access['requires_channel'])) {
                 $channel = $access['requires_channel'];
             }
 
@@ -218,11 +209,7 @@ class SecurityExtension extends Extension
         $i = 0;
         $matcher = null;
         if (isset($firewall['request_matcher'])) {
-            $firewall['request-matcher'] = $firewall['request_matcher'];
-        }
-
-        if (isset($firewall['request-matcher'])) {
-            $matcher = new Reference($firewall['request-matcher']);
+            $matcher = new Reference($firewall['request_matcher']);
         } else if (isset($firewall['pattern'])) {
             $matcher = $this->createRequestMatcher($container, $firewall['pattern']);
         }
@@ -280,11 +267,8 @@ class SecurityExtension extends Extension
 
             // add session logout handler
             $invalidateSession = true;
-            if (array_key_exists('invalidate_session', $firewall['logout'])) {
-                $firewall['logout']['invalidate-session'] = $firewall['logout']['invalidate_session'];
-            }
-            if (array_key_exists('invalidate-session', $firewall['logout'])) {
-                $invalidateSession = (Boolean) $invalidateSession;
+            if (isset($firewall['logout']['invalidate_session'])) {
+                $invalidateSession = (Boolean) $firewall['logout']['invalidate_session'];
             }
             if (true === $invalidateSession && (!isset($firewall['stateless']) || !$firewall['stateless'])) {
                 $listener->addMethodCall('addHandler', array(new Reference('security.logout.handler.session')));
@@ -315,18 +299,12 @@ class SecurityExtension extends Extension
 
         // Switch user listener
         if (array_key_exists('switch_user', $firewall)) {
-            $firewall['switch-user'] = $firewall['switch_user'];
-        }
-        if (array_key_exists('switch-user', $firewall)) {
-            $listeners[] = new Reference($this->createSwitchUserListener($container, $id, $firewall['switch-user'], $defaultProvider));
+            $listeners[] = new Reference($this->createSwitchUserListener($container, $id, $firewall['switch_user'], $defaultProvider));
         }
 
         // Determine default entry point
         if (isset($firewall['entry_point'])) {
-            $firewall['entry-point'] = $firewall['entry_point'];
-        }
-        if (isset($firewall['entry-point'])) {
-            $defaultEntryPoint = $firewall['entry-point'];
+            $defaultEntryPoint = $firewall['entry_point'];
         }
 
         // Exception listener
@@ -493,8 +471,8 @@ class SecurityExtension extends Extension
         if ('plaintext' === $config['algorithm']) {
             $arguments = array();
 
-            if (array_key_exists('ignore-case', $config)) {
-                $arguments[0] = (Boolean) $config['ignore-case'];
+            if (isset($config['ignore_case'])) {
+                $arguments[0] = (Boolean) $config['ignore_case'];
             }
 
             $encoderMap[$accountClass] = array(
@@ -509,8 +487,8 @@ class SecurityExtension extends Extension
         $arguments = array($config['algorithm']);
 
         // add optional arguments
-        if (isset($config['encode-as-base64'])) {
-            $arguments[1] = (Boolean) $config['encode-as-base64'];
+        if (isset($config['encode_as_base64'])) {
+            $arguments[1] = (Boolean) $config['encode_as_base64'];
         } else {
             $arguments[1] = false;
         }
@@ -627,22 +605,15 @@ class SecurityExtension extends Extension
 
     protected function createExceptionListener($container, $config, $id, $defaultEntryPoint)
     {
-        if (isset($config['access_denied_handler'])) {
-            $config['access-denied-handler'] = $config['access_denied_handler'];
-        }
-        if (isset($config['access_denied_url'])) {
-            $config['access-denied-url'] = $config['access_denied_url'];
-        }
-
         $exceptionListenerId = 'security.exception_listener.'.$id;
         $listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));
         $listener->setArgument(2, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
 
         // access denied handler setup
-        if (isset($config['access-denied-handler'])) {
-            $listener->setArgument(4, new Reference($config['access-denied-handler']));
-        } else if (isset($config['access-denied-url'])) {
-            $listener->setArgument(3, $config['access-denied-url']);
+        if (isset($config['access_denied_handler'])) {
+            $listener->setArgument(4, new Reference($config['access_denied_handler']));
+        } else if (isset($config['access_denied_url'])) {
+            $listener->setArgument(3, $config['access_denied_url']);
         }
 
         return $exceptionListenerId;