HTTP/3 is QUIC. So you can tunnel whatever you want over a connection that is not reliably distinguishable from HTTPS. (You can do heuristics based on packet sizes and timings)
Much more effective, really. I built one such self-hostable proxy on Cloudflare Workers & Deno Deploy: https://github.com/serverless-proxy/serverless-proxy (http-tunneling only works on Deno Deploy, and requires an enterprise plan on Cloudflare but tunneling with websockets works on the free plan, as well).
My observation is that if you use a tunnel not for VPN (which typically uses one long connection) but for a SOCKS proxy (which requires a new connection for every proxied connection) then the timings strongly resemble real HTTPS timings.
