Channel: SharePoint 2010 - Setup, Upgrade, Administration and Operations forum

Recommended Cache-Control directive


We had a security audit of our SharePoint 2010 system and one of the recommendations from the scan using WebInspect was related to caching. Is restricting caching in SharePoint a supported/recommended practice? If so, which of the possible options would be best to use (private, no-cache and/or no-store)? Here is the audit result:

"Cached SSL Content - Set Cache-Control directive to private, no-cache and/or no-store.

Private 

This directive allows the server to prevent a shared cache from caching responses that are intended for a single user. The mechanism can be used to ensure that privileged information is not accidentally leaked to unauthorized users. The directive may still allow caching of responses by non-shared caches.

no-cache 

For sensitive resources requiring user authentication, servers can send the no-cache directive to prevent caches from serving a cached response without first requiring the user agent to validate the user identity. This directive can be specified with or without field names. When no field names are included, this directive applies to the entire request or response. When one or more field names are specified in the no-cache directive, the response can be cached but the specified field(s) must be excluded. If the response must include the specified field, then the cache must ensure that the request triggers a revalidation with the origin server. Example:

Cache-Control: no-cache="Set-Cookie"

This directive can be used to ensure sensitive information leakage by requiring the server to confirm the user identity before serving the protected information.

no-store

To completely disable caching of requests or responses, the server must specify the no-store directive in the Cache-Control header. This directive applies to the entire request and response regardless of whether the directive is sent in the request or the response."

thanks,
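As an added example (not part of the original post, and not WebInspect's own logic), the following Python checker applies the three directive semantics quoted in the audit to a response's Cache-Control header, so an admin can classify what a SharePoint page actually sends before and after a change. The sample headers are constructed; the function names are my own.

```python
"""Classify a Cache-Control header for authenticated HTTPS content, following the
directive semantics quoted in the audit text (private / no-cache / no-store)."""
from typing import Dict, List, Optional, Tuple


def parse_cache_control(header: str) -> Dict[str, Optional[str]]:
    """Split 'a, b="x, y", c=1' into {'a': None, 'b': 'x, y', 'c': '1'}.
    Directive names are lower-cased; quoted values may contain commas."""
    directives: Dict[str, Optional[str]] = {}
    buf, in_quotes = "", False
    for ch in header + ",":          # trailing comma flushes the last token
        if ch == '"':
            in_quotes = not in_quotes
        if ch == "," and not in_quotes:
            token, buf = buf.strip(), ""
            if token:
                name, sep, value = token.partition("=")
                directives[name.strip().lower()] = value.strip().strip('"') if sep else None
            continue
        buf += ch
    return directives


def assess_cache_control(header: str) -> Tuple[str, str]:
    """Return (verdict, reason): 'ok' if no cache may reuse the response without
    revalidation, 'weak' if some cache may still store it, 'fail' if unrestricted."""
    d = parse_cache_control(header)
    if "no-store" in d:
        return "ok", "no-store: neither shared nor private caches may store the response"
    if "no-cache" in d and d["no-cache"] is None:
        return "ok", "unqualified no-cache: any reuse must be revalidated with the origin"
    if "no-cache" in d:
        fields = [f.strip() for f in d["no-cache"].split(",")]
        return "weak", f"no-cache limited to {fields}: the rest of the response may be cached"
    if "private" in d:
        return "weak", "private: shared caches excluded, but the browser cache may keep it"
    return "fail", "no restricting directive: shared and private caches may store the response"


def audit_headers(samples: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Evaluate a mapping of URL -> Cache-Control value; returns (url, verdict, reason)."""
    return [(url, *assess_cache_control(value)) for url, value in samples.items()]


if __name__ == "__main__":
    constructed = {  # constructed sample values, not captured from a real site
        "/_layouts/settings.aspx": "private, max-age=0",
        "/Lists/Payroll/AllItems.aspx": "no-store, no-cache, must-revalidate",
        "/_layouts/images/logo.png": "public, max-age=31536000",
    }
    for url, verdict, reason in audit_headers(constructed):
        print(f"{verdict:4}  {url}: {reason}")
```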

