So what I take from Mozilla's document on disabling DoH in #Firefox (https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https) is that I add "use-application-dns.net" to the blacklist in Pi-hole?
Now it would be nice if that was a standard for all software that thinks DoH is a good idea, but I guess that's improbable...
(Also why would any network that does DNS interception pass that canary domain? Making it so easy for providers to disable DoH kinda defeats the stated intent of protecting users of malicious networks...)
Just found, there is already an Internet Draft at the IETF that might become a RFC:
Everyone in favor or against this idea of having a canary domain could come to the IETF and help with finding consensus.
Joining the IETF is free for everyone, remote participation via mailing list, jabber(xmpp) and live streaming sessions
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!