Support Encrypted Client Hello

Recently, Cloudflare announced that they are rolling out Encrypted Client Hello, which helps hide the domain name from passive adversaries on the network, and uses a DNS HTTPS record as a bootstrapping mechanism for distributing public keys.

Due to the obvious benefits this has on anti-censorship, Tor Browser should enable this. However, Firefox and Chrome both force use of DNS over HTTPS in their browser settings in order for ECH to work (since they need to be sure this bootstrapping step isn't compromised). This is likely one of the biggest blockers for TBB to enable ECH, as well as #41325

We should try and enable this so that there is less information that a Tor exit node can have on a user's HTTPS connections, and in preparation for more websites rolling out ECH for their web properties.