diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index c940a35d5..350569fba 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -763,10 +763,6 @@ function sanitize_user( $username, $strict = false ) {
 */
 function sanitize_key( $key ) {
 $raw_key = $key;
- $key = wp_strip_all_tags($key);
- // Kill octets
- $key = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $key);
- $key = preg_replace('/&.+?;/', '', $key); // Kill entities
 $key = preg_replace('|[^a-z0-9 _.\-@]|i', '', $key);
diff --git a/wp-includes/post.php b/wp-includes/post.php
index 6aba67aba..adacec189 100644
--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -571,7 +571,7 @@ function register_post_status($post_status, $args = array()) {
 $args = wp_parse_args($args, $defaults);
 $args = (object) $args;
- $post_status = sanitize_user($post_status, true);
+ $post_status = sanitize_key($post_status);
 $args->name = $post_status;
 if ( null === $args->public && null === $args->internal && null === $args->protected && null === $args->private )
@@ -819,7 +819,7 @@ function register_post_type($post_type, $args = array()) {
 $args = wp_parse_args($args, $defaults);
 $args = (object) $args;
- $post_type = sanitize_user($post_type, true);
+ $post_type = sanitize_key($post_type);
 $args->name = $post_type;
 // If not set, default to the setting for public.
diff --git a/wp-includes/query.php b/wp-includes/query.php
index 8fa701ed9..5284e034e 100644
--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@@ -1456,9 +1456,9 @@ class WP_Query {
 if ( !empty($qv['post_type']) ) {
 if ( is_array($qv['post_type']) )
- $qv['post_type'] = array_map('sanitize_user', $qv['post_type'], array(true));
+ $qv['post_type'] = array_map('sanitize_key', $qv['post_type']);
 else
- $qv['post_type'] = sanitize_user($qv['post_type'], true);
+ $qv['post_type'] = sanitize_key($qv['post_type']);
 }
 if ( !empty($qv['post_status']) )
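Review bot: With the tag, octet and entity stripping gone, the allowlist in `preg_replace('|[^a-z0-9 _.\-@]|i', '', $key)` is the only filtering visible in sanitize_key, and it still admits spaces, `.`, `@` and upper-case letters, which is wider than an identifier needs now that post type and post status names pass through it (post.php and query.php hunks). The removal also changes results rather than only simplifying: input such as `%41` or `&amp;` used to disappear and now leaves `41` or `amp` behind. Consider narrowing to `$key = preg_replace('/[^a-z0-9_\-]/', '', strtolower($key));` and stating in the docblock that the result is a normalised key, not a value escaped for SQL or HTML output. The function body continues past the end of the hunk, so a later line may already narrow the result.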
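Review bot: Nothing checks the result of `sanitize_key($post_status)` before it is assigned to `$args->name`, so a name made only of disallowed characters becomes an empty string, and a name that was altered is registered under a different identifier than the one the caller passed; the same applies to `$post_type` in the register_post_type hunk that follows. A guard right after the call, for example `if ( '' === $post_status ) return false;` (with whatever failure value callers of this function already expect), would keep an empty or unintentionally colliding key out of the registry. Both functions start and end outside their hunks, so a later check may exist that is not visible here.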
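Review bot: `array_map('sanitize_key', $qv['post_type'])` hands every element to sanitize_key without checking that it is a scalar, and the `preg_replace` visible in the formatting.php hunk returns an array when given one, so a nested array in `post_type` would stay an array where a string key is expected; elements that sanitise to an empty string also remain in the list. If these query vars can originate from the request, which this hunk does not show, filter before and after mapping: `$qv['post_type'] = array_filter( array_map( 'sanitize_key', array_filter( $qv['post_type'], 'is_scalar' ) ), 'strlen' );`. The enclosing method starts and ends outside the hunk.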