Inconsistency between FIA_AFL_EXT.1 and FIA_UAU.5

[jvdsn]

See also #42, #43, #44.

FIA_AFL_EXT.1 requires rate limiting for remote authentication using on PIN or password. For NIAP, exact conformance requires this SFR to be included in the Security Target and tested. However, if the TOE does not implement remote authentication using on PIN or password, this SFR seems to prevent an evaluation?

[jfisherbah]

Moved FIA_AFL_EXT.1 to sel-based on either of the password-related options being claimed.