In the nagios configuration files all the password are in clear text. It would be great to secure it especially when you use it via a web interface.
HMAC message digests for signing pyro messages. (Pyro is the messageing framework that Shinken runs on). This feature is available starting at Pyro 4.04.
This would be a good first step in securing default Shinken installations.