
I skimmed the paper and read it as an improved passive attack against ESNI and Do{T,H} setups. There's nothing really new, other than QUIC making it easier to identify the destinations.

Traffic analysis is a harsh villain.




Sadly, eSNI is dead in the water, but an alternative is being worked on. It'll just take longer for it to come to market.


When you say ESNI is dead in the water, do you mean that it’s moved on to being ECH (encrypted client hello)? Or do you mean the entire concept is dead? If the latter, what makes you say that?


I meant the conversion to ECH. eSNI has had proof-of-concept support built in for a while and, had it worked out better, could have been deployed publicly any day now. The new extension, ECH, will need significant testing and development until it can reach the same level of support again.

The concept is the clear and obvious way forward in web security; what's the point in encrypting DNS when the SNI is still readable? I'm also glad that eSNI has been dropped because of the obvious flaws found in it rather than continuing attempts to secure an inherently flawed protocol. However, this does mean that deployment will take longer than previously estimated, which is kind of a bummer.
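The point made in this thread, that encrypting DNS buys little while the SNI still travels in the clear, is easy to see by parsing the first packet of a TLS handshake. The following is an added example (not code from the thread or from any of the projects mentioned) that builds a minimal TLS 1.3 ClientHello with Python's standard library and then reads the hostname back out of the unencrypted `server_name` extension, exactly as any on-path observer or network monitoring tool can. The record bytes are constructed here, not captured; `build_client_hello` and `extract_sni` are this example's own helper names.

```python
import os
import struct
from typing import Optional

# Constructed sample data: a minimal TLS 1.3 ClientHello. Only the fields needed
# to reach the extensions block are filled in; the random bytes are fresh each run.

def _ext_sni(hostname: str) -> bytes:
    """server_name extension (type 0): list of (name_type=0, len, host_name)."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    lst = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", 0x0000, len(lst)) + lst


def build_client_hello(hostname: Optional[str]) -> bytes:
    """Return a TLS record carrying a ClientHello; SNI is omitted when hostname is None."""
    exts = b""
    if hostname is not None:
        exts += _ext_sni(hostname)
    supported_versions = b"\x02\x03\x04"  # list length 2, TLS 1.3 (0x0304)
    exts += struct.pack("!HH", 43, len(supported_versions)) + supported_versions
    body = (
        b"\x03\x03"                                 # legacy_version
        + os.urandom(32)                            # random
        + b"\x00"                                   # session_id length 0
        + struct.pack("!H", 2) + b"\x13\x01"        # one cipher suite: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                               # compression methods: null only
        + struct.pack("!H", len(exts)) + exts       # extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record: bytes) -> Optional[str]:
    """Return the plaintext SNI hostname from a ClientHello record, or None.

    Malformed or truncated input yields None instead of raising, which is the
    behaviour a passive parser (IDS, flow logger) wants on hostile traffic.
    """
    try:
        if len(record) < 5 or record[0] != 0x16:          # not a handshake record
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != 0x01:                  # not a ClientHello
            return None
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        p = 2 + 32                                        # skip legacy_version + random
        sid_len = body[p]
        p += 1 + sid_len
        cs_len = struct.unpack("!H", body[p:p + 2])[0]
        p += 2 + cs_len
        cm_len = body[p]
        p += 1 + cm_len
        ext_len = struct.unpack("!H", body[p:p + 2])[0]
        p += 2
        end = p + ext_len
        while p + 4 <= end:
            etype, elen = struct.unpack("!HH", body[p:p + 4])
            p += 4
            edata = body[p:p + elen]
            p += elen
            if etype != 0x0000:
                continue
            q = 2                                         # skip server_name_list length
            while q + 3 <= len(edata):
                ntype = edata[q]
                nlen = struct.unpack("!H", edata[q + 1:q + 3])[0]
                name = edata[q + 3:q + 3 + nlen]
                if ntype == 0 and len(name) == nlen:       # host_name entry
                    return name.decode("ascii", errors="replace")
                q += 3 + nlen
        return None
    except (IndexError, struct.error):
        return None


if __name__ == "__main__":
    hello = build_client_hello("example.com")
    print("hostname visible on the wire:", extract_sni(hello))   # example.com
    print("no SNI extension:", extract_sni(build_client_hello(None)))  # None
```

With ECH the `server_name` extension an observer sees carries only the provider's public name, and the real hostname sits in the encrypted inner ClientHello, so a parser like this one stops being useful for identifying the destination; the thread's point about QUIC and traffic analysis is that other signals remain even then.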



