I've already posted something regarding my favourites Firefox extensions when it's about security. Let's point out here what would be useful to mitigate those AC / HTTPS certificates issues (see: http://blog.trendmicro.com/diginotar-iranians-the-real-target/):
- Certificate Patrol
- Calomel SSL
- CERT viewer plus
- SSL BlackList
I can tell I saw a "certificate change" for Google, a few days ago! (with Certificate Patrol).
And after that, yes, you may still want to use HTTPS Everywhere :)