Gatekeeper does something different in my opinion - it passes the request through, and adds openacs security handling. I don't see a problem having different packages for that - actually it is less confusing this way.
Nevertheless gatekeeper could use some documentation.
