If SNI poisoning does not work for censoring, the whole IP range of service would be blocked instead. You cannot always count on changing IP addresses which would be a cat-and-mouse game.
How SNI is helping there? You still will have the entire website blocked. Clear HTTP would help, as they could block few selected pages and rest would be available. I don't understand this entire movement to HTTPS. Some people think that governments won't dare to block Wikipedia, Amazon or Google? Well, they dared and now you have millions of useful articles blocked because of few offending ones. If I would live in a China, I would prefer censored HTTP access over unavailable HTTPS any day.
> millions of useful articles blocked because of few offending ones
Yes, freedom requires sacrifices. Freedom is not for feeble hearted.
This is an important point. I'd say keeping it in mind is more important for citizens of free countries today, than Chinese.
The sole fact that an argument like this being brought more and more in the West, where it wouldn't fly even 10 years ago, say just how much closer to China the West has become.
Over plain http, how would you solve the problem of a government modifying pages in transit or replacing them entirely with a new version? I suppose you could use the https public key infrastructure with digital signatures so that visitors know whether they're seeing the original...
Well, if you want that property, technically there was NULL encryption algorithm in early HTTPS versions (probably it's not supported now, but there's nothing unusual about it). So you'll have page in cleartext, including all headers (so censors can drop the connection if they don't like it), but you'll have associated checksums and certificates, so changes should be detectable.
This is likely the major reason why China has not yet blocked the major cloud providers. As soon as they allow ESNI/domain fronting, all bets are off as to what China will block.
They explicitly started doing this after Telegram used domain fronting to work around Russian censorship, which caused large chunks of AWS and GCP addresses to be blocked in Russia.