Having successfully migrated production .NET v3.5 web applications over to Server 2008, one issue is that some URLs don't work, ie. ones that have a '+'. This is because IIS7 rejects such URLs with Error 404.11 'URL_DOUBLE_ESCAPED'; See here.
To resolve it, simply put
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="false" />
</security>
</system.webServer>
...in your web.config under 'configuration'
This makes the server less secure against Canonicalization Attacks.
