Hacker News

> Thanks to the ossification of the internet, every new protocol or protocol extension needs to be over HTTPS.

If someone can tell you're using HTTPS instead of some other TLS-encrypted protocol, that means they've broken TLS.



> If someone can tell you're using HTTPS instead of some other TLS-encrypted protocol, that means they've broken TLS.

Lots of clients just tell the world. ALPN is part of the unencrypted client hello.
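An added example, not part of the original thread, illustrating the comment above: it has Python's `ssl` module write a real ClientHello into memory (no network traffic) and then reads the ALPN extension out of the raw bytes, as a passive observer on the path could. The function names, the hostname `resolver.example` and the sample ALPN lists are assumptions chosen for the illustration.

```python
import ssl
import struct

def client_hello_bytes(alpn, hostname="resolver.example"):
    """Produce a real ClientHello in memory (no network) offering the given ALPN list."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_alpn_protocols(alpn)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client wrote its hello and is waiting for a reply
    return outgoing.read()

def observed_alpn(record):
    """Parse the plaintext ClientHello record; return the ALPN names it offers."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    pos = 5 + 4 + 2 + 32                  # record hdr, handshake hdr, version, random
    pos += 1 + record[pos]                # session_id
    pos += 2 + struct.unpack_from("!H", record, pos)[0]  # cipher_suites
    pos += 1 + record[pos]                # compression_methods
    ext_end = min(len(record), pos + 2 + struct.unpack_from("!H", record, pos)[0])
    pos += 2
    while pos + 4 <= ext_end:
        ext_type, ext_len = struct.unpack_from("!HH", record, pos)
        body = record[pos + 4 : pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == 16:                # application_layer_protocol_negotiation
            names, i = [], 2              # skip the 2-byte protocol list length
            while i < len(body):
                n = body[i]
                names.append(body[i + 1 : i + 1 + n].decode("ascii"))
                i += 1 + n
            return names
    return []                             # client sent no ALPN extension

if __name__ == "__main__":
    # Constructed sample ALPN lists: a web client and a DNS-over-TLS client.
    for offered in (["h2", "http/1.1"], ["dot"]):
        print(offered, "-> visible on the wire:", observed_alpn(client_hello_bytes(offered)))
```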


I’d say nowadays 443/tcp is the only port that you’ll find open in any usable network, anything else is part of a corporate network whack-a-mole game. So while DoH and DoT traffic shouldn’t be distinguishable, 853/tcp is surely a weird port in the grand scheme of things.



