8 tweets, 2 min read
Encrypting even only first hop DNS traffic: cool.
Authenticating at least the resolver: cool.
Forcing ISPs to rethink how they use DNS data: very cool.

But still, there are a number of things that bother me about DoH:
(1) DoH only focuses on communications between client and resolver. This only solves a small part of the larger problem and offers no meaningful way to protect the communications between e.g., resolver and authoritatives.
(2) It only focuses on web applications (primarily browsers). No protections are offered to other apps. This divides the host configuration and the client threat model, adds complexity, and reinforces a "the web is the entire internet now" mindset.
(3) DoH is entangled with a push for public resolvers, presumably to defeat data collection/manipulation by an untrusted default resolver. But (a) that is not within the threat model outlined in the RFC ("preventing on-path devices from interfering with DNS operations"), ...
...(b) use of the canary domain or the detection of content filtering being in place lets that untrusted resolver disable DoH. (This is what happens when you assume protections outside of the specified threat model.)
(4) The push for use of a public resolver (again, not an inherent part of DoH, but somehow implied in most discussions) then leads to a centralized DNS. That seems like the wrong direction to go into, especially with privacy in mind.
And the number one thing that bothers me, given all of the above is...

(5) All the attention DoH is getting right now distracts from more comprehensive solutions (DNSSEC + DoT).
(I'll dig up this thread in 5 years, when I'm debugging why my still unauthenticated DNS results vary between apps/providers despite using DNS-over-Bitcoin-over-Kubernetes-over-HTTPS and all my data was sold when the only two big public DNS providers made that deal with China.)
Thread by Jan Schaumann