As pointed out by R. du Toit, " Mechanism #2 relies on PSK session resumption support in the middlebox; this is not guaranteed." Indeed, MITM middleboxes can strip the PSK identities that they do not recognize, and effectively block the resumption.
The minimal requirement is that such connection attempts result in a connection with the fronting server, and that the client is aware of the stripping.
As pointed out by R. du Toit, " Mechanism #2 relies on PSK session resumption support in the middlebox; this is not guaranteed." Indeed, MITM middleboxes can strip the PSK identities that they do not recognize, and effectively block the resumption.
The minimal requirement is that such connection attempts result in a connection with the fronting server, and that the client is aware of the stripping.