<ArtifactResponse>
•CarRentalInc has just received an ArtifactResolve message ("What's up?"). It checks the artifact to make sure it corresponds to the one it sent out, and authenticates[1] the sender.
•Next, CarRentalInc embeds an <AuthnRequest> within an <ArtifactResponse> message.
[1]
Authentication can take place at the transport level (e.g., using
SSL Mutual Authentication, HTTP Basic Authentication over a server-side SSL connection, etc), or at the SAML level
by having AirlineInc digitally sign the message, and then CarRentalInc validates the signature.