Why do clients respond to any deauth request they hear instead of verifying the origin?
They don't respond to any deauth/disassoc frame they hear, they only respond to such frames that are addressed to them and sourced from their AP MAC address. And yes, this by the nature of 802.11 wireless would include frames with spoofed source addresses.
Also, will this be addressed in the upcoming WPA3 standard?
No. First, WPA3 is not a standard, it is a specification for getting a particular certification(s) from the Wi-Fi Alliance for a device. The IEEE defines the 802.11 wireless standards and there are no working groups working on any amendments that change the essentials of 802.11i (which the WFA's WPA2 certification is based on). Please see my answer here for more on what WPA3 is if you like.
Second, there is no need to do so. This was addressed in an amendment by the IEEE that was ratified in 2009, namely 802.11w. The issue is that implementation of support for this amendment has been slow by certain vendors outside the enterprise environment. Check out my answer here for more.
It seems to me this would be a basic thing that should have been implemented as part of WPA2 to prevent easily giving away of the handshake and to prevent someone from doxing the connection.
PSK as defined by 802.11i (WPA2) was meant for basic, personal use. It was intended for simplicity and ease of use. If an entity wanted better security, 802.11i defined the use of 802.1X and RADIUS to provide such.