Encryption is typically layered on top of TCP and less commonly layered on top of UDP for good reason - connection state and transport ordering is a huge boon for cipher speed. CBC Ciphers are by far the standard, because they're much easier to compute.
Comparitively, QUIC layers encryption directly into the protocol. I can't say how it deals with the compute cost because I'm not familiar with the protocol at that level, but it's a clear design decision - since handshakes are expensive, including encryption in session establishment has significant benefits. Perhaps encryption configuration is expected to be handled in a side channel, but it's odd that in a discussion so centered on what the next layer up is doing it's completely forgotten this critical aspect.
CBC is pretty much obsolete. Modern TLS uses CTR based ciphers (AES-GCM or ChaCha-Poly1304). CTR can be more efficient than CBC, because encryption can be parallelized, while CBC has no advantages over CBC for this use-case.
Encryption also would likely change independently of the protocol issues.
Layers of communication are a thing for a reason, it allows each piece of the communication to upgrade independently. Instead of writing encryption into the spec, its more useful to write encryption on top of the spec as a 2nd layer.
Comparitively, QUIC layers encryption directly into the protocol. I can't say how it deals with the compute cost because I'm not familiar with the protocol at that level, but it's a clear design decision - since handshakes are expensive, including encryption in session establishment has significant benefits. Perhaps encryption configuration is expected to be handled in a side channel, but it's odd that in a discussion so centered on what the next layer up is doing it's completely forgotten this critical aspect.