[arch-choot]

Could you clarify a bit more what you mean by "Domain Fronting is why ECH exists"?

Because even with ECH, you (TLS client) can set any public_name you want, but the innerSNI can be something else.

Or is that what you mean; since the providers can "ignore" the OuterSNI, they can rely on the InnerSNI to still route traffic?

[tialaramex]

Yes, you've basically got it, the customers for fuck-trump.example just write your chosen value in OuterSNI and fuck-trump.example in the InnerSNI, which is encrypted and you do the (very cheap on modern hardware) decryption and route fuck-trump.example. In practice it might work (but isn't guaranteed to) to write something else in OuterSNI like whitehouse.gov rather than the value chosen by the operator.

It's apparent from other responses that most people didn't understand that we're not talking about a weird new feature which might work if people implement it. This is the published document explaining how it works, but the reality is that it's widely deployed today. This is already how it's working today, if you tell people first they raise all sorts of objections and insist it's unworkable, so, we didn't tell them first we just did it. Here's a relevant quote:

"Dan, I'm not a Republic serial villain. Do you seriously think I'd explain my master-stroke if there remained the slightest chance of you affecting its outcome? I did it thirty-five minutes ago" -- Watchmen, by Alan Moore.