Hi,
this is just a short heads-up.
I'm currently tinkering about how we could improve DNS security and privacy for tor clients. My idea write-up is not done yet but since the IETF DoH WG [1] is proceeding towards their next steps I wanted to move now before it might be to late and let you know that I might ask them if they want to allow non-HTTPS uris in the case of onion v3 addresses (currently HTTPS is required). This might be handy for TB in the future. If you have objections let me know.
I also reached out to Seth Schoen and asked him about his efforts to make onion v3 DV certificates acceptable to the CA/Browser Forum (if that is possible then the HTTPS requirement isn't a problem for DoH over onion v3).
regards, nusenu
[1] https://datatracker.ietf.org/doc/draft-ietf-doh-dns-over-https