> It’s also how browsers detect a website supports HTTP3
It's one way, but a H1/H2 connection can also be promoted to H3 via the alt-svc header. The DNS method is slightly better though since it potentially allows a client to utilize H3 immediately from the first request.
Every browser requires H2 connections to be encrypted so I don't think a MITM downgrading to it would reveal anything. Downgrading to H1 might do since encryption is optional there, but the proper way to prevent that is to submit your domains to the HSTS preload list so that browsers will always require encryption, regardless of protocol, no exceptions.
It's one way, but a H1/H2 connection can also be promoted to H3 via the alt-svc header. The DNS method is slightly better though since it potentially allows a client to utilize H3 immediately from the first request.