Deployment considerations
Weaknesses
Clients considerations
Censorship and Blocking
De-anonymization attacks
Other considerations
The default fallback to cleartext SNI undermines security goals when ECH is unavailable. (XXX reference... proof! XXX)