The JWT spec can thus be fixed by changing the recommended set of primitives. No need to reinvent the wheel with custom serialization (that probably also has vulnerabilities when implemented by clueless people).
You parade the alg=none vulnerability that has been fixed long ago as the reason to reinvent the world. It's simply not.
You keep repeating that. What is "fundamentally flawed"?
PASETO has exactly the same vulnerabilities. You can specify a different version, and a buggy implementation can misinterpret it. With PASETO, the algorithm selection is fully under the control of the attacker.
You parade the alg=none vulnerability that has been fixed long ago as the reason to reinvent the world. It's simply not.