A straight hash has the disadvantage that everyone who grabs the browser is likely to use the same DNS provider for a given site. A hash ^ my machine UUID or MAC solves that.
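An added illustration of the per-install mixing idea in the comment above (example code written for this page, not from the original thread or any browser's resolver-selection code). The resolver URLs are constructed placeholders, and the example assumes a random per-install secret rather than the machine UUID or MAC; it shows that a straight hash of the site name maps every install to the same provider, while a keyed hash under a per-install secret stays stable for one install but spreads different installs across providers.

```python
import hashlib
import hmac
import secrets

# Constructed placeholder resolver endpoints (assumption for the example,
# not real or recommended DoH servers).
PROVIDERS = [
    "https://resolver-a.example/dns-query",
    "https://resolver-b.example/dns-query",
    "https://resolver-c.example/dns-query",
    "https://resolver-d.example/dns-query",
]


def _index(digest: bytes, n: int) -> int:
    """Map the first 8 bytes of a digest to a provider index in [0, n)."""
    return int.from_bytes(digest[:8], "big") % n


def straight_hash_choice(site: str, providers=PROVIDERS) -> str:
    """Provider derived from the site name alone: identical on every install."""
    digest = hashlib.sha256(site.encode("utf-8")).digest()
    return providers[_index(digest, len(providers))]


def salted_choice(site: str, install_secret: bytes, providers=PROVIDERS) -> str:
    """Provider derived from a keyed hash of the site under a per-install secret.

    HMAC is used instead of a plain XOR with a hardware identifier (assumption of
    this example) so the secret cannot be recovered from observed choices.
    """
    digest = hmac.new(install_secret, site.encode("utf-8"), hashlib.sha256).digest()
    return providers[_index(digest, len(providers))]


def new_install_secret() -> bytes:
    """Generate the per-install secret once, at first run, and persist it."""
    return secrets.token_bytes(32)


def choices_across_installs(site: str, install_secrets, providers=PROVIDERS):
    """Return the set of providers that a population of installs would pick
    for one site, for the straight and the salted scheme respectively."""
    straight = {straight_hash_choice(site, providers) for _ in install_secrets}
    salted = {salted_choice(site, s, providers) for s in install_secrets}
    return straight, salted


if __name__ == "__main__":
    # Constructed population of 16 installs with distinct fixed secrets.
    population = [bytes([i]) * 32 for i in range(16)]
    straight, salted = choices_across_installs("news.ycombinator.com", population)
    print("straight hash, providers used:", sorted(straight))
    print("per-install salt, providers used:", sorted(salted))
```

In a real client the secret from `new_install_secret()` would be generated once and stored with the profile; reusing a stable hardware identifier such as a MAC for this purpose is what the comment proposes, but the example keeps the secret random so that provider choice does not become an extra fingerprint.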
That said, DoH only centralizes DNS until it is widely adopted enough. I think the ‘encrypt everything’ push at the moment has enough momentum to actually get DoH or similar specs implemented in enough places to have a chance of not centralizing. That does require a bit of a gamble on our parts, but it is a step in the right direction.
I doubt it. The whole point of DoH is that it runs on port 443. So an authoritarian government / ISP / employer can’t block it unless they block all HTTPS (or control the client device). That is, unless they can identify the specific DoH server that you are using and block traffic to that.