• Good article. Nice and concise, with good points. BOL pointed this out in regard to the read-only filegroups:

    While TDE operations are not allowed if the database has any read-only filegroups, TDE can be used with read-only filegroups. To enable TDE on a database that has read-only filegroups, the filegroups must first be set to allow writes. After the encryption scan completes, the filegroup can be set back to read only. Key changes or decryption must be performed the same way.

    So there is a work-around, but it had better be known before doing encryption. Thanks again for the information!

    Cheers,

    Brian
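
The sequence the quoted Books Online passage describes, written out as an added T-SQL example (it is not part of the comment above or of the article). The database name `SalesDB`, the filegroup `ArchiveFG` and the certificate `TDE_Cert` are hypothetical, and the certificate is assumed to already exist in `master` and to be backed up.

```sql
-- Added example. SalesDB, ArchiveFG and TDE_Cert are hypothetical names.
-- Assumes TDE_Cert already exists in master and has been backed up.

-- 1. List the filegroups that are currently read-only; each one must be
--    switched to read-write before any TDE operation will be accepted.
SELECT name, is_read_only
FROM SalesDB.sys.filegroups
WHERE is_read_only = 1;
GO

-- 2. Allow writes on the read-only filegroup.
--    Changing this state requires exclusive access to the database.
ALTER DATABASE SalesDB MODIFY FILEGROUP ArchiveFG READ_WRITE;
GO

-- 3. Create the database encryption key and turn encryption on.
USE SalesDB;
GO
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TDE_Cert;
GO
ALTER DATABASE SalesDB SET ENCRYPTION ON;
GO

-- 4. Wait for the encryption scan to complete.
--    encryption_state: 2 = encryption in progress, 3 = encrypted.
--    This loop does not time out; watch percent_complete if the scan stalls.
WHILE EXISTS (SELECT 1
              FROM sys.dm_database_encryption_keys
              WHERE database_id = DB_ID(N'SalesDB')
                AND encryption_state <> 3)
BEGIN
    WAITFOR DELAY '00:00:10';
END;
GO

-- 5. Only after the scan has finished, return the filegroup to read-only.
ALTER DATABASE SalesDB MODIFY FILEGROUP ArchiveFG READ_ONLY;
GO
```

The same bracket (read-write, wait for the scan to finish, read-only) applies to key changes and to decryption, as the quoted passage states.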