No, the *[ ... ] syntax means an arbitrary number of the thing in the brackets.
Ah, I didn't notice the * on the <hname> line - my bad
I don't think underscores in domain names are allowed in general
Not according to the original specification: http://www.ietf.org/rfc/rfc1034.txt But according to a later RFC: http://www.ietf.org/rfc/rfc2181.txt
any binary string whatever can be used as the label of any resource record
I've read that some of the IDNA rfcs added i18n for hostnames too which resulted in making "_" legal there too but I couldn't find that anywhere
Enabling HTTPProtocolOptions unsafe on the virtualhost doesn't work so you need to enable it on the global apache config - and the documentation notes it's "strongly cautioned against"
But arguing over the interpretation of different specifications is unimportant - as you mentioned underscores are widely in use right now, and as Ondrej agreed it's a bad idea to have such a huge breaking change whether it's intended or not.