How exactly does DoT make any of this any better? Conceptually, your local system resolver can use DoH just as easily as DoT. The primary difference between the two protocols, from a pragmatic perspective, is that DoT can be blocked by ISPs and network providers, and DoH is harder to block.
I've been doing DNS over TLS with pfSense for over a year now.
The problem as I understand it is that Firefox and Chrome will soon default to DoH. Now I have to remember to go in and change default app settings. Ok not a huge deal with just two apps but yet something else I shouldn't have to do.