Board: Meta
Re: Moving to Cloudflare
by nullius on 11/12/2017, 13:37:09 UTC
A Bitcointalk .onion was on my mind all week, together with other anti-DDoS mitigation ideas about which I hope to write up suggestions.  It is also something I may perhaps, maybe, perhaps be willing to not only talk about (hint, hint).

.onion sites already have less exposure to DDoS than sites on the open Internet.

There have been plenty of .onion sites that have been DDoS'ed over the years. I know that Silk Road had a decent number of DDoS issues, and Ulbricht apparently spent a decent amount of money fighting it. I am not sure if he implemented any of what you suggested though.

I was careful not to suggest that .onions be DDoS-proof.  Of course, they’re not.  But they do radically change the attack surface, largely for the better (at least against DDoS).

In practice, I would suppose that probably, the best means to deny access to a .onion would be to DDoS its introduction points.  Those have publicly known IP addresses; and I doubt many Tor node operators are prepared to handle even something so commonplace as an amplified flood of UDP packets in response to forged DNS requests.  The .onion will become available again as it changes introduction points; but meanwhile, users will have an awful time getting through.  I am not saying anything which is not already well-known and widely discussed amongst Tor devs.

On another note, I would not deem Ulbricht competent to admin the website for a hot-dog cart.  Let alone to run a site under a threat model far beyond my abilities, and likely beyond the capability of the Tor network.  He couldn’t even keep PHP (!) errors from spilling his servers’ guts.  I guess he must have been high on drugs.  I would not take any lessons from his experience, other than mining it for examples of what not to do.  Whereas .onions run by competent sysadmins have survived extreme DDoS attempts.