I have had this conversation with quite a few people, including a recent conversation with http://twitter.com/joechr309, and decided to blog about the choices that I've made regarding configuration files and sql server. I happen to love the idea of de-coupling a DTS package from the sql server. I can now completely isolate sql server from external programs. If I happen to have a very non-sql intensive SSIS process (importing various files, moving them, manipulating them, ftp'ing them, etc) I no longer have to consume sql resources (granted I need to do lookups and other minor sql tasks, which is why it is an SSIS package). I can also use SSIS high availability functionality.
I had a situation a while back regarding FTP and SSIS. I created an package that included sending a resultant file to a client. The package worked flawlessly when I ran it from my development platform, but moving it to production it would fail. I would get an error that seemed to be related to permissions (I unfortunately did not save the error). It turns out it has to do with the default nature of SSIS and sensitive information (like passwords).