Adding Expect-CT header to HTTP response

In the security test report, I have a recommendation to add Expect-CT header to the HTTP response from web application, additionally developers set this to:

Expect-CT: max-age=0, report-uri=

I am not sure if it is a good idea to add this header. According to

“The Expect-CT will likely become obsolete in June 2021. Since May 2018 new certificates are expected to support SCTs by default. Certificates before March 2018 were allowed to have a lifetime of 39 months, those will all be expired in June 2021.”

So because certificates are expected to support SCTs by default I do not think that this header makes any sense.

When it comes to configuration according to max-age=0, report-uri= means:

“This policy is deployed in report-only mode and if the browser doesn’t receive CT information that it’s happy with, referred to as not being ‘CT Qualified’, rather than terminate the connection it will simply send a report to the specified report-uri value.”

Because I don’t have uri here, the report will not be sent, so there is no additional security at all.

On the other hand I see that some popular websites like Linkedin still use this header, the example from Linkedin:

Expect-CT: max-age=86400, report-uri=""