PEP should use existing certificates, but there were new ones created

[Sly Gryphon]

I was looking at the PEP features in EnigMail, and so changed from "Force use Enigmail" to "Force use PEP".

But looking at the certificates, it created new, trusted, certificates from my email address. See the attached image.

The "Sly Gryphon sly@gamertheory.net" is my primary identity, with additional values for several email addresses.

The two "sly@gamertheory.net" accounts under that were created on 04 Jan 2020 (expire 03 Jan 2021), when I was looking at PEP (it was a couple of days ago). I didn't create them manually, but it could have been something else because I updated Thunderbird, then reinstalled the Enigmail plug in (which updated GPG for Windows).

I have tried to check and can't see anything that has been encrypted by the two extra (but I might backup before deleting them).

It looks like something (my guess PEP) isn't matching the existing cert due to name part, and so creating a new cert for the email part only.

[Patrick Brunschwig]

Your obervation is correct. Under some circumstances (I don't know which exactly), the pEp engine creates its own keys and ignores existing keys. Furthermore, pEp does not use the OpenPGP settings in the Account Management.