Qualys SSL Labs Weak or insecure signature

Yes, that's what it says, but "except better security" just means this browser should be able to use a good cipher and if this browser fails to do so, there is something wrong with your config. So I think these browsers are just the "reference browsers" you should support.

As for your example, the cipher is all right.

No, better not to do this. 128-bit has some advantages (excluding performance) in some cases.

I'd always recommend Mozilla's config generator:
https://mozilla.github.io/server-side-tls/ssl-config-generator/

There they also state the oldest clients that are supported with the different configurations.

The rank is usually just determined by the server AFAIK...

See this: