> You're very naive if you believe there is no way for the ISP to view your traffic just because you're over an https connection.

You seem to be under an impression an ISP's "Intercept Access Point" is somehow different from any downstream MitM. An ISP is certainly has more area than a coffee shop network, but the threat model stays mostly the same. Both I and Comcast can run tcpdump or mess with your packets to the extent cryptography permits.

There are only some realistic ways you could intercept a TLS connection, and that would be

1) For you to use TOFU, and the ISP to tamper with the initial key exchange. To stay undetected, you would have to ensure every vantage point after provides your compromised keys, expanding to potentially every cellular provider, home/business connections, and data-centers, potentially even outside your jurisdiction. This would be easiest if you could meddle near the backbone, until you realize the cost of deeply inspecting every packet, detecting the protocol, and transparently re-encrypting _all_ the internet. As soon as you verify out-of-band, even over a VoIP call, or the target crosses into a network you didn't compromise, your cover is blown. And you've only got shot at intercepting the key exchange, so you can't afford to be picky about who to target.

2) In practice, most traffic uses Certificate Authority roots from the browser's default set. As I've said before you can either plead with the citizens to install your intercept CA, or you can find one trusted by browsers without cross-jurisdictional threshold signatures and try to apply rubber hose cryptoanalysis until the rights certs get signed. A transparency log will mandate you publish your MitM cert onto an immutable global ledger, letting everyone know something fishy is going on. Your attack has succeeded, but at the cost of blowing your cover.

What an ISP, as well as me as a network admin, do see is the domain and IP, timing, and packet size. That does allow me to deduce a lot about you--large packets sent to whatsapp.com are probably images, many small ones may be a call. But that's about it unless you can get the keys.