As long as everything that the spec allows is acceptable by the reference client, then it won't cause a fork.
If > 50% of miners reject all blocks that aren't valid according to the spec, then the chain will remain consistent with the spec, even if the reference client would accept blocks that are invalid according to the spec.
Effectively, the spec must define a sub-set of blocks that the official client will accept and also must not define any blocks that are in the chain as illegal. The second condition could be achieve with exceptions, if necessary.
Not necessarily, you could make it so that the ref client won't mine those blocks, but would accept them, as long as they occur far enough into the future.
Another one is that apparently the acceptable encodings for the public keys is "whatever openSSL accepts". The spec would have to have a clear definition of what encodings are acceptable.