I have been tasked to review this document on behalf of the OPS directorate. This document describes new means by which a DNS client can discover encrypted DNS services by DHCPv4, DHCPv6, and/or IPv6 RA messages.

From an operational point of view, I found the description of the protocol and how the client behaves to be good. I was pleased to see sections that described why certain considerations were made. That said, I didn't see any discussion of how a DHCP client would treat encrypted DNS options along with the standard name-server (option 6, v6 option 23) in DHCP or the RDNSS. You mention you initially thought of using those approaches, but that leads to probing.

Section-wise, I found a couple of nits:

Section 3.1.8:

s/If the checks fail, the receiver discards/If any of the checks fail, the receiver MUST discard/

I felt this makes the text both clearer and more normative. You use normative language in later sections when referring to 3.1.8.

===

Section 5.1:

In the figure, I feel TBA2 should be replaced with OPTION_V4_DNR.