1. Full-disk encryption is unlocked at power-on.
2. Users not authorized to unlock the disk can use the system normally once it has been unlocked. (subject to random kernel panics...)
3. Sleep does not lock the disk.
4. Hibernate does.
5. A sleeping Mac will automatically switch from sleep to hibernate if power is interrupted or the battery gets low.
6. A sleeping Mac may switch to hibernate under other circumstances, such as "been asleep for X minutes". The hooks are there, but I haven't seen this behavior yet on one that's not low on battery.
7. [Update] normally, when you shut down, you have the option to choose not to reopen applications on boot; if, however, other people are logged in, the override-and-shutdown-anyway dialog does not include this option. And, of course, you're not allowed to change the default behavior.
8. [Update] If you wake up the machine while it's very low on battery power, and manage to enter your password before it insists on going back to sleep, then when you plug it in and wake it up, you will not be required to enter your password. The "emergency low-power" sleep does not re-lock the screen.

Taken separately, each piece makes perfect sense. It’s only in combination that there are some surprising behaviors, which can become even more fun when you add in some of the poorly-thought-out iPadifications.

Apple’s goal (incompletely implemented and rushed out the door) is to blur the distinction between “on” and “off” at all levels, so that your Mac, like your iPad, is always in the state you left it, whether you put it to sleep, shut it off, crashed it, or whatever. For a single-user, single-task device like the iPad, this is a reasonable goal. For a laptop, especially one that doesn’t run only Apple-supplied software and may be used in very different environments, it may be the exact opposite of a good idea.

For a laptop that contains data sensitive enough to encrypt, it’s downright stupid. Left Hand, go have a little chat with Right Hand about what you’re doing, mmkay?