A lot of work goes into disabling fingerprinting from the technology angle, but I wonder if fingerprinting by user behavior is equally important.
If Joe is using Tor Browser properly and logs into his favorite onion service message board between 5:30 and 6:00 pm every day and stays for a few hours, the server admin may not need to fingerprint his browser, it can be see via behavior that it is him. After all, he may be the only person logging in at this time. Perhaps Joe broke the rules and his account got banned. Now suspiciously someone named “Sue” logs into the same message board between 5:30 and 6:00 pm every day.
While fingerprinting by behavior is less concrete than fingerprinting by something like an strange screen resolution or a noisy addon, I think it is still an issue. I wonder if educating people about not making online behavioral patterns would be worth it.