I would set false anything that is 128 bit, i think the fallback there was RC4 128 md5 for old blogs and such.
Think Camelia is very old.
This broke hotmail a while ago, but think they upgraded.
It is important to figure out how to make sure the browser doesn't downgrade the handshake.
I have asked this before, and never got a good answer. It depends on how many old sites, and how many mega sites you access.
and some info here on http://dnscurve.org/in-benefits.html
I am not sure which ec (elliptical curve) was compromised, but some are saying the double versions are still secure.
are you looking for security, privacy, or anon ?
if privacy, check EFF.org for info, and make sure you disable ping back.https://panopticlick.eff.org/about.phphttps://wiki.mozilla.org/Fingerprinting
Also add self destructing cookies plug in, and look these over
ADD ons list
Calomel SSL Validation
Download YouTube Videos as MP4
Empty Cache Button
Foundstone HTML5 Local Storage Explorer
Hush - private bookmarking
JSONovich 18.104.22.168 true firstname.lastname@example.org
Live HTTP headers
Lock The Text email@example.com
Mozilla Archive Format
Organize Status Bar (Revived)
Skip Addon Compatibility Check
Skip Cert Error
Small Nav Bar
DisconnectMe blocks a lot of the tags on pages so you don't need FB,Googl block etc.
Anon uses most of the above, but TOR is the way to go, along with a VPN. Tor nodes have been compromised, and NSA has hacked many VPNs, so you still need to encrypt anything you send
"Rogue Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise
You also should know that Firefox keeps an sql database of all visited sites and downloaded files in your profiles sections (local and roaming)
SQLite database explorer
I don't know enough about security to help with encryption, header mods, pgp, etc. , to help you out there.