So here's what I got. Perspective of Linda is that "attempting to bind a parameter that did not correspond to a parameter in the query is intended to cause an exception." She didn't comment on how strict we should be with the 1 thing. Certainly the spec says 1 in no uncertain terms.
I ran a test with Hibernate and EclipseLink and both of them will allow this:
Query query = entityManager.createQuery("SELECT m from Movie as m WHERE m.title = ?2 AND m.year = ?4");
Both of them will throw an exception from the setParameter method if the index doesn't exist, but neither cares what numbers you do or don't use beyond that.
So at this point I would just have to say you're in the clear from a letter of the spec perspective, but in terms of practicality (editing huge queries can take hours and relabeling index continuously just slows you down) and in compatibility with current EclipseLink and Hibernate implementations and past OpenJPA versions, it would be great to at least get a vendor specific flag to turn on/off the strict behavior.
If we had something that could be set at the unit level, that would be a very big help to us and potentially other users migrating or upgrading.