Is DoH really that that important right now? Your ISP can still see the domain you're connecting to via SNI. Until encrypted SNI (eSNI) arrives it doesn't seem like a big win for privacy.
Cloudflare's 1.1.1.1 currently supports ESNI, but Firefox has replaced ESNI in favor of ECH (Encrypted Client Hello) starting from version 85 due to vulnerabilities in the former. Unfortunately, no public DNS resolvers support ECH yet.
- https://blog.mozilla.org/security/2021/01/07/encrypted-clien...
- https://bugzilla.mozilla.org/show_bug.cgi?id=1709263
Cloudflare has another blog post with the implementation details for ECH:
- https://blog.cloudflare.com/encrypted-client-hello/