Section
6.3.1
Top Level
Sub Level
General
All sensitive information and functions, including login credentials, session ids, account information, all personally identifiable information (SSN's, health information), sensitive functions, and all administrative functions should be protected with SSL.
Coldfusion
ColdFusion does not provide tags and functions for public-key encryption, but it can communicate over SSL. ColdFusion leverages the Sun JSSE to communicate over SSL with web and LDAP servers.
Django
See 1.1.1.
Natural Webagent
See section 1.1.1 for specifics on using SSL in our environment.