Definitely, /boot should be encrypted. It has been proven possible, so there's every reason to do so.
Definitely, /boot should be encrypted. It has been proven possible, so there's every reason to do so.