I've just learnt about TS Gateway feature in 2008, and this is sweet.
However, this also puzzled me - aren't RDP sessions already encrypted? - Isn't than using SSL over HTTP a double encryption?
And what about Smart Cards? That is easily implemented in Terminal Servers, and serves as authentication - so this TS G. is not actually a first preauthentification RDP solution.